Disaster Recovery Plan



Similar documents
Disaster Recovery Plan Checklist

PPSADOPTED: OCT BACKGROUND POLICY STATEMENT PHYSICAL FACILITIES. PROFESSIONAL PRACTICE STATEMENT Developing a Business Continuity Plan

Business Continuity. Disaster Recovery Plan

How to Prepare for an Emergency: A Disaster and Business Recovery Plan

Disaster Recovery Checklist Disaster Recovery Plan for <System One>

ICT & Communications Services Disaster & Recovery Plan

Disaster Preparedness & Response

Business Continuity and Disaster Recovery Planning from an Information Technology Perspective

NCUA LETTER TO CREDIT UNIONS

Creating a Business Continuity Plan for your Health Center

C I T Y O F W E S T L I N N

Business Unit CONTINGENCY PLAN

DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS

MARQUIS DISASTER RECOVERY PLAN (DRP)

Remote Backup Solution: Frequently Asked Questions

Business Continuity Planning for Risk Reduction

11 Common Disaster Planning Mistakes

How to Plan for Disaster Recovery and Business Continuity

Flood Preparedness Checklist

Disaster Recovery Plan Documentation for Agencies Instructions

Technology Recovery Plan Instructions

FORMULATING YOUR BUSINESS CONTINUITY PLAN

Statement of Guidance

Regulatory Notice 13-25

ITMF Disaster Recovery and Business Continuity Committee Report for the UGA IT Master Plan

Backup Strategies for Small Business

Clinic Business Continuity Plan Guidelines

Continuity of Operations Planning. A step by step guide for business

How To Answer A Question About Your Organization'S History Of Esi

CONTINUITY AND RECOVERY PLANNING GUIDE

Prepared by Rod Davis, ABCP, MCSA November, 2011

Why Should Companies Take a Closer Look at Business Continuity Planning?

Disaster Recovery Planning Process

RISK AND DISASTER MANAGEMENT: SOME USEFUL TOOLS AND RESOURCES FOR BUSINESSES AND ORGANISATIONS

Disaster Recovery and Business Continuity Plan

BUSINESS CONTINUITY PLAN OVERVIEW

BUSINESS IMPACT ANALYSIS

Cloud Computing. Chapter 10 Disaster Recovery and Business Continuity and the Cloud

SAMPLE IT CONTINGENCY PLAN FORMAT

Ohio Supercomputer Center

Disaster Recovery. Stanley Lopez Premier Field Engineer Premier Field Engineering Southeast Asia Customer Services and Support

The University of Iowa. Enterprise Information Technology Disaster Plan. Version 3.1

Aljex Software, Inc. Business Continuity & Disaster Recovery Plan. Last Updated: June 16, 2009

Template Courtesy of: Cloudnition LLC 55 W. 22 nd St Suite 115 Lombard, IL (630)

HIPAA RISK ASSESSMENT

BNA FEDERAL CREDIT UNION DISASTER RECOVERY PLAN

INSIDE. Preventing Data Loss. > Disaster Recovery Types and Categories. > Disaster Recovery Site Types. > Disaster Recovery Procedure Lists

Diagram Cloud Computing

Business continuity plan

Symmetry Networks. Corporate Managed Services Schedule

Information Resources Security Guidelines

Business Continuity Plan Summary

Mazzone & Associates, Inc.

Why Fails MessageOne Survey of Outages

Clinic Business Continuity Plan Guidelines

IT Disaster Recovery Plan Template

<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP

DATA RECOVERY SOLUTIONS EXPERT DATA RECOVERY SOLUTIONS FOR ALL DATA LOSS SCENARIOS.

DISASTER RECOVERY. Omniture Disaster Plan. June 2, 2008 Version 2.0

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four

Offsite Disaster Recovery Plan

nexvortex VOIP DISASTER RECOVERY BUSINESS SOLUTION

BUSINESS CONTINUITY PLAN (BCP)

Planning and Implementing Disaster Recovery for DICOM Medical Images

Riverhead Central School District

Creating a Business Continuity Plan

courtesy of F5 NETWORKS New Technologies For Disaster Recovery/Business Continuity overview f5 networks P

Prudential Practice Guide

Mastering Disaster A DATA CENTER CHECKLIST

Guidance Note XGN XXX.1

Business Continuity Planning in IT

PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA

The case for cloud-based disaster recovery

Federal Financial Institutions Examination Council FFIEC. Business Continuity Planning BCP MARCH 2003 MARCH 2008 IT EXAMINATION

Disaster Recovery Remote off-site Storage for single server environment

Disaster Recovery Plan (DRP) / Business Continuity Plan (BCP)

Standard Operating Procedure-Speciation Data Processing Disaster Recovery Plan

University Information Technology Services. Information System Contingency Plan Instructions

Business Continuity Management

Transcription:

Disaster Recovery Plan This guide sets forth items to consider in the review of the firm s disaster recovery plan. You should form a committee to assess the plan and should assign activities under the plan to individuals in the firm or to third party service providers. Page 1 of 13

TABLE OF CONTENTS A. DISASTER SCENARIOS B. CRITICAL AND NON-CRITICAL ITEMS C. OFFICE LOCATION D. UTILITIES E. COMMUNICATIONS F. BACK-UP AND RECOVERY G. THIRD PARTY SERVICE PROVIDERS H. EMPLOYEES I. ADDITIONAL CONSIDERATIONS Page 2 of 13

A. DISASTER SCENARIOS Identify events that could disrupt the firm s ability to provide investment advisory services to clients. Examples are listed below. Fire Flood Hurricane Terrorist act Power-outage Page 3 of 13

B. CRITICAL AND NON-CRITICAL ITEMS Compile an inventory of items utilized by the firm to provide investment advisory services to clients. Categorize each item as critical (needed within 2 weeks) or non-critical (not needed within 2 weeks). Examples are listed below. CRITICAL Software Portfolio management system Microsoft Word Hardware Computers Servers Printers Copiers Communications Internet Fax Telephone Third Party Service Providers Custodian Shredding Company Brokers Employees Portfolio Managers Traders Marketing Staff Assistants Members of the Management Committee Data Client Holdings NON-CRITICAL Page 4 of 13

C. OFFICE LOCATION Consider the questions below in determining how the firm will address a temporary or permanent disruption to its ability to access or work from its current office location. 1. Where will employees work (e.g., from home, at an alternative work location, etc.)? 2. Will there be a temporary meeting place or other gathering location to conduct meetings? 3. What is the likelihood that alternative work locations will be effected by the disruption (e.g., are they in close proximity to the main office, etc.) and how will the firm reduce such risk? 4. How will the critical and non-critical items be restored at or accessed from an alternative work location? 5. Will employees require transportation to any alternative work location or meeting place? Will the firm assist in transporting employees to the alternative work location or meeting place? Page 5 of 13

D. UTILITIES Identify the critical and non-critical items that would be affected in the event of a temporary or permanent disruption to the utilities (electric, water, cable, phone, etc.) at the main office. For each item identified, determine how the firm will restore or obtain accessibility to such items. Examples are listed below. Computers Servers Internet Telephone Back-up generator, home computers, etc. Access the Internet via handheld devices. Cell Phones, Pagers, etc. Page 6 of 13

D. UTILITIES (CONTINUED) Consider the questions below in determining how the firm will address a temporary or permanent disruption to utilities at the main office. 1. Will employees work at an alternative work location? 2. Will an alternative source of utilities be used in the event of a temporary or permanent disruption to the utilities at the main office? 3. How will the firm protect hardware such as servers and computers from damage (e.g., air conditioning to protect computer equipment, etc.)? 4. Will a loss of utilities at the main office compromise the security of client information? 5. Does the firm have the ability to access servers from a remote location? 6. What is the likelihood that alternative work locations will be effected by the disruption (e.g., are they on a separate utility and phone grid, etc.) and how will the firm reduce such risk? Page 7 of 13

E. COMMUNICATIONS Consider the questions below in determining how the firm will address a temporary or permanent disruption to its ordinary communication methods. Examples are listed below. 1. What alternative Internet communication methods are available? What is the likelihood that such methods will be affected by the disruption and how will the firm reduce such risk? 2. What alternative voice communication methods are available? What is the likelihood that such methods will be affected by the disruption and how will the firm reduce such risk? 3. What contact information will be needed in the event of a disaster and how will the firm access this information (e.g., utility providers, third party service providers, insurance provider, employee contact information, etc.)? 4. How will the firm communicate with employees and how will employees communicate with one another? 5. How will you maintain regular communications with clients (e.g., client reporting, etc.)? 6. How will clients communicate with the firm? 7. Under what circumstances will you contact clients and how will this be done? 8. Under what circumstances will you contact third 800 numbers, alternative wireless providers, pagers, etc. Call tree; hard copies of employee and client lists are stored offsite, etc. Page 8 of 13

party vendors and how will this be done? 9. Under what circumstances will you contact regulators and how will this be done? Page 9 of 13

F. BACK-UP AND RECOVERY Consider the questions below in determining how data will be accessed or restored in the event of a temporary or permanent disruption to the firm s ability to access such data. 1. How does the firm back-up critical and non-critical data (e.g., frequency, procedure, person(s) responsible, etc.)? 2. Are there hard copies of documents located at the main office that are not backed up? Page 10 of 13

G. THIRD PARTY SERVICE PROVIDERS Review the disaster recovery plans of your third-party service providers. For each third party service provider identified in Section B, determine what course of action would be taken if there was a temporary or permanent disruption to the services delivered by such entities. Examples are listed below. Custodian Shredding Company Not Critical Page 11 of 13

H. EMPLOYEES Consider the questions below in determining how the activities performed by critical employees will be performed in the event they are not available to work. 1. Who at the firm will take over the critical employee s responsibilities? What if that person is also unavailable to work? 2. Can the firm access the employee s voicemails and emails over which the critical employee conducted business? 3. Will clients be informed that the critical employee will no longer be available to work? How will this be done? 4. Will regulators be informed that the critical employee will no longer be available to work? How will this be done? 5. Will an additional employee be hired to take over the key employee s responsibilities? Page 12 of 13

I. ADDITIONAL CONSIDERATIONS 1. Determine the steps that would be taken under each of the scenarios listed in Section A. 2. Does the firm have a written evacuation plan? 3. Where will the firm obtain the resources to restore business operations in the event of a temporary or permanent business disruption? 4. In the event of a catastrophic disruption, how will the firm unwind its business without harming clients? 5. Will clients be able to access their funds and securities in the event of a temporary or permanent business disruption? Page 13 of 13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information