Lab 7
1- The overall objective of the BIA is to identify the impact of outages. More specifically, the goal is to identify the critical functions that can affect the organization. After this, you can identify the critical resources that support these functions. Each resource has a maximum acceptable outage (MAO) and an impact if it fails. The ultimate goal is to identify the recovery requirements.
An indirect objective of the BIA is to justify funding.
2- The first step towards creating a serious BCP is to identify the potential disasters one by one and determine what the potential impact might be on your business. In order to generate a professional and sound BCP, you have to understand the degree of potential loss that could occur. Some of the factors you
How critical is IT infrastructure to the business
BIA shows urgent need for contingency plan
9- Let's go back to daily backups for an example. If you back up at night at 6:00 p.m. and the server goes down the following day at 4:00 p.m., then you've potentially lost 22 hours of data that was created during that day. If you have no ability to recreate that data, then the data is lost.
So your RPO from a business perspective will dictate that you need data down to the last transaction. For example, if you're processing credit card transactions, you cannot afford to lose any transactions. So then your RPO becomes 0, which means you cannot afford any data loss.
So indirectly, that also dictates the kind of technology you need to put in place to ensure that you can achieve your RPO. This is very different from the RTO, although the RTO will also dictate the kind of technology you will need to put in place. The RTO is more about a maximum tolerable outage. So those work hand in hand in defining what we need to put in place to meet our objectives; one being how quickly we need things to be recovered and the other being to what point in time.
10- Risk Management Plan (1)
Business Impact Analysis (2)
Business Continuity Plan (3)
Disaster Recovery Plan
event of a catastrophic disruption (fire) or disaster (hurricane) and a major IT or data center outage occurs
Do all critical employees understand their role should an outage/disaster occur? Are there third party vendors that need to be considered in the BIA? Is there an alternate site available, should the current building not survive? Is data stored at an off-site facility?
Business Continuity and Disaster Recovery (BCDR or BC/DR) are closely related practices that describe an organization's preparation for unforeseen risks to continued operations. The trend of combining business continuity and disaster recovery into a single term has resulted from a growing recognition that both business executives and technology executives need to be collaborating closely instead of developing plans in isolation.
5. Of the three Systems/Application Domain risks, threats, and vulnerabilities identified, which one requires a disaster recovery plan and business continuity plan to maintain continued operations during a catastrophic outage? The mainframe or complete data loss. This should have an extensive DRP.
Create an implementation plan in which you recommend ways of implementing, monitoring and adjusting the BCP.
The first order of business is development of a Business Continuity Plan (BCP). It is vital to first understand the business processes and their impact on the DLA and DOD. While not all tasks and processes are deemed critical, all of the inter-related operations of the DLIS are requisite to service the mission.
A disaster recovery plan requires testing so that everything is planned ahead of time and ready to go in case of an emergency. New items or untrained personnel can come into the business and need to be added to the plan. These additions also need to be tested to ensure they are covered when an emergency happens. In addition, everything in the plan may look good in writing, but until the plan is used in a real situation, the business will never know if it works properly. Testing the plan in a simulated disaster scenario is the best way to know how objects and people react to the situation.
Firstly, Disaster Recovery is a procedure that needs to be implemented if an accident occurs within an organisation that may result in the loss of data, for example fire/water damage. This is when a plan needs to be applied to allow the recovery of data; an example of this could be recovering the backup files, installing new equipment and uploading the backup on the new network. To be effective, this recovery policy relies on backups being done regularly; otherwise recovery would not be possible. The disaster recovery policy is highly beneficial and important as it saves not only the organisation but also its money and reputation.
Good Business Continuity Planning starts with being proactive. That means taking concrete steps to plan for an incident well before it actually strikes. There is no single approach that fits all types of incidents, as no two emergencies are identical. Much of business continuity planning varies based on the size of the company, the company's line of business, and the locations of the company, customers and suppliers.
4. What is the definition of Recovery Time Objective (RTO)? Why is this important to define in an IT Security Policy Definition as part of the Business Impact Analysis (BIA) or Business Continuity Plan (BCP)? It is the targeted duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity. The reason for identifying security policy definitions is to make it clear to the organization what these areas are and how you plan to fix them.
As part of our disaster recovery plan, we have configured one of the servers as a backup that contains a complete backup of the primary server. The backup server will be configured so that if the primary server fails, then the backup server will come online, so that there will be no interruption in service. Each week we will test the backup server to ensure that all the files are readable and accessible. Then, once a month we will test the recovery plan by creating a failure to make sure the backup server comes online.
Due in Week Three: For your selected scenario, describe the key elements of the Disaster Recovery Plan to be used in case of a disaster and the plan for testing the DRP.
Disasters have become an inevitable part of businesses and organizations as well. They not only have a major effect on business and organizational continuity; they also result in an overhaul of organizational operational mechanisms (Awasthy, 2009). It is for this reason that many organizations and businesses resort to preparing business continuity plans and disaster recovery plans that will facilitate better disaster management in future. Effective disaster recovery plans are important to every business and organization (Thejendra, 2008).
The team prioritized investments for disaster recovery initiatives, and in conjunction with business unit leaders, designed a tiered model highlighting recovery priorities. These priorities were validated with IT infrastructure leaders to help ensure alignment. As failover
Disaster Recovery Planning is the critical factor that can prevent headaches or nightmares experienced by an organization in times of disaster. Having a disaster recovery plan marks the difference between organizations that can successfully manage crises with minimal cost and effort and with maximum speed, and those organizations that cannot. By having back-up plans, not only for equipment and network recovery, but also detailed disaster recovery plans that precisely outline what steps each person involved in recovery efforts should undertake, an organization can improve its recovery time and minimize the disrupted time for its normal business functions. Thus it is essential that disaster recovery plans are carefully laid