Business Continuity/Disaster Recovery Plan for Local Government Agency

• IT System recovery procedures (i.e., mission critical IT systems, applications, and data, VoIP /

Also, in preparation for the disaster recovery solution, a decision needs to be made whether or not to house the system in multiple locations. Since the company leaders are highly concerned about business continuity, multiple locations will be helpful in the event of fires and natural disasters that could interrupt business operations (Ricardo 2012).

For this task I will be Investigating disaster recovery options and discuss how and when they would be used. I will support this discussion with examples.

Primary IT systems and data center, regional utility failure. All critical business operations moved off-site. Large-scale work-from-home/alternate site and remote access. All operations resume on-site in <30 days or a new site is required. Category-III type systems and application are desirable for carrying out least critical business operation and the plan will list them.

When it comes to the company XYZ Computers the disaster recovery plan needs to incorporate a lot of different questions that have to be answered before you can implement whatever they want achieved. The main questions that are brought up when assessing any question is,”How do we fix this? What are the costs associated with the plan presented?” Another question that should be asked but often isn’t, is “Can we anticipate this problem to help block it before it happens?” From there different categories should be implemented as manmade although not as common as a natural disaster that will affect your system, it still needs to be considered. There should also be a ranking system in the plan using two categories, these

The business continuity & disaster recovery is written into the policy to ensure each department knows and has a plan in case of an unexpected event such as a fire, vandalism, and natural disaster that would disrupt normal business. This part of the plan also states that data administrators are the ones responsible to implement procedures for critical backup of data and how long the recovery time would be which is set by the data stewards and other stockholders.

An organizational holistic approach involving many departments working interprofessionally to collaborate and combine resources for optimal execution of the recovery plan will be employed. These departments include, but are not limited to: executive management, IT (infrastructure and applications), facilities site services, finance, supply chain, personnel services, information system vendors, and legal services. All members are required to be aware of this policy and abide by its

First, Incident Response (IR) plan “is a detailed set of processes and procedures that anticipate, detect, and mitigate the effects of an unexpected event that might compromise information resources and assets.” (Whitman, 2013, p. 85). Consequently, Incident response planning (IRP) is the planning for an incident, which occurs when an attack affects information systems causing disruptions. On the other hand, Disaster Recovery (DR) plan “entails the preparation for and recovery from a disaster, whether natural or human-made.” (Whitman, 2013, p. 97). For instance, events categorized as disasters include fire, flood, storm or earthquake. Thus, the differences between an Incident Response (IR) plan and a Disaster Recovery (DR)

* The technical assessment team is responsible for monitoring all sources of alerts, logs, and other warnings in the environment. In the event of an incident, they are responsible for determining if a response is necessary and notifying the coordinator.

4. What is the definition of Recovery Time Objective (RTO)? Why is this important to define in an IT Security Policy Definition as part of the Business Impact Analysis (BIA) or Business Continuity Plan (BCP)? Is the targeted duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity. The reason for identifying security policy definitions is to make it clear to the organization what these areas are and how you plan to fix them.

Disasters weather man-made, natural, or technological are ineluctable. Community stakeholders, leaders, and citizens are ultimately culpable for ensuring that a sound disaster preparedness and recovery plan is in place should a calamity materialize. Failure to enact such a plan comes with immeasurable consequences. Over the discourse of this paper, the Banqiao Dam disaster will be examined as a case analysis, to render what preparedness and recovery plans were sanctioned, as well as the scope of the response effort.

Disaster Recovery Planning is the critical factor that can prevent headaches or nightmares experienced by an organization in times of disaster. Having a disaster recovery plan marks the difference between organizations that can successfully manage crises with minimal cost, effort and with maximum speed, and those organizations that cannot. By having back-up plans, not only for equipment and network recovery, but also detailed disaster recovery plans that precisely outline what steps each person involved in recovery efforts should undertake, an organization can improve their recovery time and minimize the disrupted time for their normal business functions. Thus it is essential that disaster recovery plans are carefully laid

Owning a business can have many stressors day to day. When starting a business there is a lot of planning and preparation involved. Many small businesses are owners who have put their own money into the business and look at it as an investment. Unfortunately with all the planning that goes into starting a business, one thing is often over looked. Most of the time the “what ifs”, are not part of the planning stage. One reason for this is that people do not like to think of the bad things that could or may happen. So with all the time and planning put into starting a business why not put some extra thought into a plan B if a disaster strikes? This plan B could be a business continuity plan or a disaster recovery plan. Business continuity plans are an essential part of the modern day business. There are so many potential disasters for small businesses that could seize the production or even close the business down for good. A recent study from Gartner Inc., found that “90% of companies that experience data loss go out of business within two years. It also found that 80% of company owners have not thought about how they would keep their businesses up and running if a data disaster occurs.” According to the Association of Records Managers and Administrators, “about 60 percent of businesses that experience a major disaster such as a fire close

Valuable assets, including network connectivity, stored data, processes and procedures, and client information can survive centralized disruption or destruction and can be revived quickly through the agency’s

The conventional DRP of the company has not been updated or tested for several years. Under the existing program, system recovery could take up to 20 days which is unacceptable timeframe for a utility relied upon by numerous states for critical infrastructure services.