Wednesday, December 4, 2019
Disaster Recovery Planning Identification of Threats
Question: Describe about the Disaster Recovery Planning for Identification of Threats. Answer: Disaster Recovery Planning Disaster recovery planning together with Business continuity planning plays a key role in ensuring the continuity of the business. Through the identification of threats before they occur and working towards the solution before they shadow a negative impact on the organization. These plans act as a source of information and provide a guide to the identification of a viable tool to be used just at the right time in case of a disaster. The construction of the plan must be maintained, tested and even audited to ensure that it remains appropriate to the organization's needs. These plans are calculated to incorporate all the issues and risks along with tools to help in the creation, maintenance and auditing of the plan itself (Fallara, 2003) Contingency Plan This involves seven steps process of the development and the maintenance of the plan. These steps are (Myers, 1993); Identification of any particular regulatory requirements which is related to the contingency planning. This involves the development of formal statement outlining the contingency planning policy that gives the stakeholders the power and guidance necessary to develop any form of contingency plan. Conducting the business impact analysis to determine and prioritize the important business processes, critical systems, and components. Identification and the implementation of the preventive control measures to minimize the effects of the disruption, reduce costs of contingency and increase availability. Development of a strategic recovery plan to ensure that the critical systems, infrastructure and business processes have the capability of being recovered. Development of contingency plans in which the details pertaining procedures and guidance to recovery are formulated following a disruption. Initiate the testing, training and exercises of the plan to reinforce and validate and test the contingency plans in an attempt to identify gaps and to prepared the responsible personnel on the unforeseen occurrences. Maintenance of the contingency plans as documents with regular updates made to them to reflect any possible changes made on it. Develop clear and precise directions on how to handle serious downtime Downtime occurrences are inevitable. The process of designing the company's system to be in a position to handle failure is a crucial part of ensuring the survival of the business to most problems. This process involves; a) Planning In the case of a critical alert which has resulted in chaos and panic, a big blow can be received by the company. However, planning in advance ensures order in case something goes wrong. Always be ready to deal with alerts. The organization should be in a position to handle on-call rotations, escalation of issues to members of the team, plans put in place for reachability. Page duty and considerations on factors such as availability, illness, looping and internet connectivity should be put in place. b) Using checklist to deal with downtime The company should develop a system in which a defined process is put in place ready to deal with any form of alert. The use of checklist eliminates unnecessary thinking to give room to focus on the real problem and to ensure that appropriate measures are put in use. A proper communication channel should be put in place both externally and internally. c) Provision of a detailed postmortem This aims at winning back trust. The following of the above steps during a downtime provide useful information so that the customers know exactly what is going on. Writing up and explaining to them what went wrong and why and what measures have been put in place to prevent such a similar occurrence helps win trust. Formulate prevention and recovery strategy and develop recovery plan It comprises of the following; a) Risk assessment This is the initial assessing of the risk and the attempts made to prevent its occurrences. It consists of the following subdivisions (Comont et al. 2006). Identification of the risk; this is the process in which a request I made to staff to come up with and outline potential risks. Analyzing the risk; this involves the process of evaluation done to the risks identified above. Treating the risk; this stage involves taking appropriate measures to deal with or solve a potential risk. b) Planning and recovery The process of planning for a disaster prevention involves formulating plans that were put in place during the risk assessment process these plans should incorporate the procedure to identify and report a disaster, the steps to follow by the recovery team, the tasks of the recovery team, procedure for updating and testing the plans and the provision of training and awareness to the staff members (Alexander, 2005). Disaster Recovery Plan Based On Gtc Disaster recovery plans help the company to be restored to its original status before the disaster occurred. Special focus to be put on the valuable asset such as the information flow and infrastructural facilities compared to others which are meant for leisure. The following steps are to be followed in a disaster recovery plan (Sandhu, 2002). The establishment of a program aimed at the restoration of both the site of the disaster and the affected materials to a stable condition. Determination of the priorities for the restoration of work and seeking the best option and methods and obtain the cost estimate. Development of a phased program aimed at the conservation in the case where large quantities are involved. Getting rid of items which are beyond recovery and replacing them with new ones A contact to the insurers should be made Cleaning and rehabilitating the disaster area should be done Analyze the disaster and make impartments on the plans after the experience Different type of resources in creating and implementing a dr plan. a) The human resource; The human resource Is termed as a key factor in disaster management. This involves a committee that should come up with all the possible forms of disaster in an organization. They should the come up with a viable solution to all form of disaster they have laid down. They are also the ones responsible for formulating the procedures to be followed while dealing with the disaster. The human resource is also responsible for dealing with the disaster head on. By following the specific procedures laid down, the carry out activities to face and deal with the disaster (Vuong, 2015) b) Hardware resource This involves all the physical and tangible components that can be incorporated into disaster control procedure. Say in case of fire; a fire extinguisher is a hardware resource used to put out the fire c) Software resource This involves all forms of soft copy procedures and programs used to deal with a disaster. For example, the use of computers to shut down industrial plants in the case of fire outbreak is an effective way of disaster control. Cut-over criteria before initiating disaster plan. The owner who is the shareholder are the ones to access the cutoff criteria in their organization. They will need to access damages caused by the disaster to determine the following; Is there any potential for further damages? What were the critical areas in the organization that was affected by the disaster? What is the current status of the physical infrastructure in the organization? How bad is the damage to the organizations assets? What items can be reused and which ones require replacement What is the estimated time for the organization to be up and running? References Alexander, D. (2005). Towards the development of a standard in emergency planning. Disaster Prevention and Management: An International Journal, 14(2), 158-175. Comont, L., Laggoun-Dfarge, F., Disnar, J. R. (2006). Evolution of organic matter indicators in response to major environmental changes: The case of a formerly cut-over peat bog (Le Russey, Jura Mountains, France). Organic Geochemistry, 37(12), 1736-1751. Fallara, P. (2003). Disaster recovery planning. IEEE Potentials, 22(5), 42-44. Myers, K. N. (1993). Total Contingency Planning for Diasters: Managing Risk... Minimizing Loss... Ensuring Business Continuity. John Wiley Sons, Inc. Sandhu, R. J. (2002). Disaster recovery planning. Premier Press. Vuong, J. (2015, October). Disaster recovery planning. In Proceedings of the 2015 Information Security Curriculum Development Conference (p. 16). ACM.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.