Running head: COMPONENTS OF A DISASTER RECOVERY PLAN 1



Similar documents
SCOPE; ENFORCEMENT; AUTHORITY; EXCEPTIONS

BUSINESS CONTINUITY PLAN

Disaster Recovery Plan

Disaster Recovery Plan

Technology Recovery Plan Instructions

Business Continuity and Disaster Preparedness Plan

Here is the basic information needed in the contractors EP plan:

How to Plan for Disaster Recovery and Business Continuity

Business Unit CONTINGENCY PLAN

DRAFT Disaster Recovery Policy Template

SECTION 15 INFORMATION TECHNOLOGY

Disaster Preparedness Plan. "[Click Here and type your Company Name]" Prepared By: Date:

FORMULATING YOUR BUSINESS CONTINUITY PLAN

Business Continuity Planning and Disaster Recovery Planning

PPSADOPTED: OCT BACKGROUND POLICY STATEMENT PHYSICAL FACILITIES. PROFESSIONAL PRACTICE STATEMENT Developing a Business Continuity Plan

Disaster Recovery Plan Documentation for Agencies Instructions

Unit Guide to Business Continuity/Resumption Planning

SCHEDULE 25. Business Continuity

Fundamentals of Business Continuity Planning Have a Plan!

Constructing a successful business continuity plan

Data Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) Fax: (718)

IT Disaster Recovery Plan Template

<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP

Disaster Recovery: Helping Non-Profits to Plan, Prepare & Recover. By: Lynn Do

Building and Maintaining a Business Continuity Program

CIS 523/423 Disaster Recovery Business Continuity

REGIONAL CENTER DISASTER RECOVERY PLAN

Disaster Recovery Plan (Business Continuity) Template

OKHAHLAMBA LOCAL MUNICIPALITY

Business Continuity Planning

B U S I N E S S C O N T I N U I T Y P L A N

PAPER-6 PART-4 OF 5 CA A.RAFEQ, FCA

ICT & Communications Services Disaster & Recovery Plan

Overview of Business Continuity Planning Sally Meglathery Payoff

Offsite Disaster Recovery Plan

#316 The Security Elements of Business Continuity & Disaster Recovery Plans

Creating a Business Continuity Plan for your Health Center

Continuity of Operations Planning. A step by step guide for business

William Rider Manager Disaster Recovery & Data Security The Johns Hopkins Health System & University

IT Disaster Recovery and Business Resumption Planning Standards

IF DISASTER STRIKES IS YOUR BUSINESS READY?

Post-Class Quiz: Business Continuity & Disaster Recovery Planning Domain

EMERGENCY RESPONSE PLAN. This Emergency Response Plan describes the functions and procedures of USA Track & Field,

July 30, Internal Audit Report Information Technology Business Continuity Plan Information Technology Department

DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS

Disaster Recovery Plan (DRP) / Business Continuity Plan (BCP)

Does it state the management commitment and set out the organizational approach to managing information security?

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan

Clovis Municipal School District Information Technology (IT) Disaster Recovery Plan

Documentation. Disclaimer

Disaster Recovery Plan Review Checklist. A High-Level Internal Planning Tool to Assist State Agencies with Their Disaster Recovery Plans

NEEDS BASED PLANNING FOR IT DISASTER RECOVERY

Interactive-Network Disaster Recovery

The University of Iowa. Enterprise Information Technology Disaster Plan. Version 3.1

ICT Disaster Recovery Plan

Disaster Recovery Planning

Workforce Solutions Business Continuity Plan May 2014

CISM Certified Information Security Manager

Tufts Health Plan Corporate Continuity Strategy

Business Continuity Glossary

Disaster Recovery And Contingency Plan Design and Implementation Manual For Utilities

Each section has handy hints and advice on completing your plan along with links to further information which you can download and print.

Andres Llana, Jr. INSIDE. Upper Management s Role; Delegating Responsibilities; Minimum Plan Outline; Business Impact Analysis

business continuity plan for:

Contingency Planning and Disaster Recovery for BOMA

The Commonwealth of Massachusetts

How to write a DISASTER RECOVERY PLAN. To print to A4, print at 75%.

Hong Kong Baptist University

Oklahoma Bar Association Disaster Plan

This white paper describes the three reasons why backup is a strategic element of your IT plan and why it is critical to your business that you plan

Continuity of Operations Actions

Exhibit to Data Center Services Service Component Provider Master Services Agreement

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

Preparing a Disaster Recovery Plan (Church)

Massachusetts Institute of Technology. Functional Area Recovery Management Team Plan Development Template

Title : Business Continuity Plan Section : Operating Guidelines. Procedure # : 049 Effective : Nov 2010 Page : 1 of 7 Review : May 2017

DISASTER RECOVERY PLAN

BUSINESS CONTINUITY PLAN OVERVIEW

Disaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery

Appendix 6c. Final Internal Audit Report Disaster Recovery Planning. June Report 6c Page 1 of 15

Information Security Management: Business Continuity Planning. Presentation by Stanislav Nurilov March 9th, 2005 CS 996: Info. Sec. Mgmt.

TUFTS HEALTH PLAN CORPORATE CONTINUITY STRATEGY FREQUENTLY ASKED QUESTIONS OVERVIEW CORPORATE CONTINUITY PROGRAM.

SCHEDULE 3.9 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT DISASTER RECOVERY PLAN GUIDELINES

Learning about an Emergency Management Plan GET READY NOW!

Table of Contents... 1

Vermont Division of Emergency Management and Homeland Security Business Disaster Preparedness Workbook

Can Your Centre Recover from a IAAO. June 4, 2013 Lead by The Ontario Universities Application Centre

Disaster Recovery Policy

Disaster Recovery Planning Process

BUSINESS CONTINUITY PLANNING. Business Continuity Management Plan. Version 1.4

Business Continuity and Disaster Planning

Business Continuity Plan For Disaster Recovery in the event of a Critical Incident

Disaster Response and Business Continuity Plan

Disaster Recovery Business Continuity Premium Edition

CONTINUITY OF OPERATIONS PLAN TEMPLATE

SAMPLE IT CONTINGENCY PLAN FORMAT

Clinic Business Continuity Plan Guidelines

A Business Continuity Plan for Government. George Bomar Dianne Casey Texas Department of Licensing and Regulation

Disaster Recovery Policy

Transcription:

Running head: COMPONENTS OF A DISASTER RECOVERY PLAN 1 Components of a Disaster Recovery Plan DeVry Institute of Technology

2 Components of a Disaster Recovery Plan Disasters do strike without warning. Extreme weather events represent one end of the stick. On the other end, human error can render an organization's business inoperable ranging from a few hours to several days. Whatever the circumstances, it s critical for an organization to have a disaster recovery plan in place. A disaster recovery plan (DRP) is a plan designed to reduce the impact of a disaster and shorten the time needed to recover from a disaster whether natural or man-made. (Whitman, & Mattord, 2007, p. 524). The DRP provides an efficient solution that can be used to recover all essential business processes in a specific time frame. The DRP document should include specific and detailed guidelines and procedures for restoring lost or damaged organizational I.T capability. The DR team must have a team leader, this leader should also be a member of the contingency planning management team (CPMT). Disaster recovery team is made up of several teams based on the size of the organization. These teams are the disaster management team, communications team, computer recovery (hardware) team, systems recovery (OS) team, network recovery team, storage recovery team, applications recovery team, data management team, vendor contact team, damage assessment and salvage team, business interface team, logistics team, and other teams as needed. The Disaster management team is the command and control team responsible for planning and coordination activities during a disaster, this team coordinates all efforts and receives reports and feedback from other teams and accordingly assigns work to them. The communications team is made up of members from the public relations and legal departments. They express the needs from the upper management and giving

3 feedback to anyone in need of additional information about the organization s efforts in recovering from the disaster such as the press or the families of employees. The computer recovery (hardware) team works towards recovering physical computing assets that might be useable after the disaster. Systems recovery (OS) team recovers and restores operating systems and could also re-establish user accounts and remote connectivity in conjunction with the network team. The Network recovery team focuses on extent of damage to the network hardware infrastructure as well as Internet and intranet connectivity. They work towards re-establishing connectivity by repairing or replacing damaged or destroyed parts. They work closely with the Internet service provider (ISP) to re-establish connectivity. The Storage recovery team deals with network attached storage (NAS), they work with the others to recover data/information and re-establish operations. The applications recovery team recovers applications and reintegrates users back into the systems once the previous groups have systems back up and running. The data management team works with all of other teams, their key focus is on data restoration and recovery which could be on-site, off-site, or online transactional data. This team is expected to swiftly assess the recoverability of data from systems on site and follow with recommendations to the management team as to whether off-site data recovery is needed. The vendor contact team coordinates with suppliers and vendors to replace damaged or destroyed materials, equipment, or services, based on the feedback from the other teams. The damage assessment and salvage team this team is specialized at providing initial assessment of the extent of damage to materials, inventory, equipment, and systems on location. They are in-charge of physically recovering salvageable items to be relocated to a location where

4 the other teams can evaluate them. This team is also in charge for coordinating physical security with law enforcement and any private security service. The Business interface team works with the rest of the organization to assist in the recovery of non-technology functions. The most critical functions are rebuild first. As the liaison between business and IT, this team makes certain that each team can work on their own recovery efforts, without interfering with each other. The Logistics team is in-charge for providing needed supplies, space, materials, food, services, or facilities needed at the primary location. Finally, other teams could be implemented as needed based on specialized needs to assist in the recovery operations. After the DR teams and members are identified, The DR Team takes the Incident Response (IR) team s incident-handling procedures and starts developing its unique procedures for the DR plan i.e. the DR team transforms the incidents to disasters However any through DR plan will include three key activities and components which are during the disaster, after the disaster, and before the disaster. In addition, there to other activities which are Plan Testing, Training, and Exercises and Plan Maintenance During the disaster phase, planners develop, expand, and document the procedures that need be carried out while the disaster is in progress. These procedures are grouped and assigned to teams and team members. For example, network administrators tasks would differ from managerial tasks, so it is critical for members of planning committee to draft a set of functionspecific procedures during the disaster. However, certain disasters may hinder organizational response, unless the team members are at on-site when the disaster strikes. For such disasters,

5 evacuation plans/exits, shelters locations, fire suppression systems, and other emergency reaction items such as first aid kits must be organized and located into accessible and easy-to-read documents which could be referred to during the disaster. In the after the disaster phase, after the procedures and guidelines for handling or reacting to a disaster are drafted, the DR team planners develop and document the procedures that must be taken immediately and swiftly after the disaster has come to an end. It should be noted that, separate functional areas could develop various procedures. Finally, if the damage from the disaster is considerable enough, crisis management procedures may be needed. In the before the disaster phase, the planners scheme a third set of procedures cataloging tasks that need be performed in order to prepare for the disaster. These procedures include information/data backups, disaster recovery preparations, staff training schedules, testing plans, copies of service agreements, and business continuity plans, if implemented by the organization. The Plan Testing, Training, and Exercises phase focuses on training management and staff in the proper performance of their specific roles as laid down in the disaster recovery plan to test the cogency and effectiveness of the DR plan as well as prepare the various teams to use it. Any issues that arise in the plan during training are incorporated into the draft document. Once the drafts have been reviewed and tested, the final assembly can commence. Finally, in the Plan Maintenance phase, the DR plan is updated regularly to remain current with I.T enhancements. It is advisable for the DR lead team to revisit the plan once a year to update the necessary changes. In conclusion, every organizations is vulnerable to encountering a severe incident, preventing it from continuing every day operations at any time. Beyond disasters such as

6 electronic warfare, terrorist attacks, man-made disasters such as fire or political disasters such as the ones seen in Egypt and other unforeseen possibilities can cause bring an organization to a halt. Anticipating disaster and preparing is critical and advisable, as does regular testing of IT services and back-ups. A well-structured and coherent disaster recovery plan will enable an organization to recover rapidly and efficiently from an unforeseen disasters, thus avoiding significant organization interruption and or loss.

7 References Whitman, M. E., & Mattord, H. J. (2007). Principles of incident response and disaster recovery. Boston, Mass: Thomson Course Technology.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information