StudyDaddy Business & Finance disaster recovery and business continuity plans

disaster recovery and business continuity plans

Running Head: DISASTER RECOVERY AND BUSINESS CONTINUITY PLAN 1

Comparing your organization’s disaster recovery and business continuity plans with the best practices 

Name of the author

Institutional affiliation

Author Note

Program

Abstract

In the event of a disaster, it is imperative that we reference this plan to help minimize the overall impact of the disaster. The most important part of the plan is that we run nightly backups of the most crucial applications (McLaughlin, 2013). Anything that is needed for daily operations should have a backup scheduled nightly so that, in case of an emergency, we can essentially run off of the backups while the IT Team works to make everything functional again. These specific backups should take place at each of the sites, so that they can temporarily run off of the basic backup. At our two datacenters is where we will perform the full backup of each of the sites. These backups will be used in case of an emergency, but the sites will still be able to run off of the most crucial programs using the data that has been backed up. The incremental backups in the datacenter can be used to help with recovering the databases, once we find out what caused the specific issue (Snedaker, 2013).

Developing plans and procedures

Continuity of operations plan (COOP) focuses on restoring an organization’s essential business functions at an alternate site and performing those functions for up to30 days before returning to normal operations. It is a part of BCP.

•Business resumption planning (BRP) (or Business Recovery Planning) addresses the restoration of business processes after an emergency. It is often apart of BCP.

•Crisis communications plan is a plan for both internal and public communications in a crisis event. It is often a part of BCP.–Internal for coordination of organizational resources.–External to ensure that only approved statements are released to the public.


Selecting the DR team and Contingency Planning Guide for IT Systems

•Cyber incident response plan is a specific BCP that establishes procedures to address cyber attacks against an organization’s IT system(s).

•Disaster recovery planning (DRP) addresses the recovery of a damaged facility or components back to normal business operations.

•Disaster recovery plan is a set of procedures that enables an organization to:–Respond to disaster in accordance to a pre-defined disaster level.–Assess damage & estimate time required to resume operations.–Perform salvage & repair.

Prioritizing systems and functions for recovery

•Occupant emergency plan (OEP) provides the response procedures for occupants of a facility in the event of a situation posing a potential threat to the health and safety of personnel, the environment, or property. Life Cycle of Business Continuity

•Sustain business operations

•Recover/resume business operations

•Protect business assets (People, reputation, and tangible assets).

Procedures for special circumstances and testing the disaster recovery plan

•Phase I: Project Initiation

•Phase II: Business Impact Analysis (BIA)

•Phase III: Recovery Strategy

•Phase IV: Plan Design &Development

•Phase V: Implementation

•Phase VI: Testing

•Phase VII: Maintenance, Awareness, and Training.

Data storage and recovery sites,

Over time, the Disaster Recovery needs of the enterprise will change. As a result of these two factors this plan will need to be tested on a periodic basis to discover errors and omissions and will need to be maintained to address them (Maitra, 2010). Maintenance The DRP will be updated Bi-annually or any time a major system update or upgrade is performed, whichever is more often.

Assessing risks and impacts

The Disaster Recovery Lead will be responsible for updating the entire document, and so is permitted to request information and updates from other employees and departments within the organization in order to complete this task.

Maintenance of the plan will include (but is not limited to) the following:

1. Ensuring that all team lists are up to date.

2. Reviewing the plan to ensure that all of the instructions are still relevant to the organization.

3. Making any major changes and revisions in the plan to reflect organizational shifts, changes and goals.

4. Ensuring that the plan meets any requirements specified in new laws During the Maintenance periods, any changes to the Disaster Recovery Teams must be accounted for.

If any member of a Disaster Recovery Team no longer works with the company, it is the responsibility of the Disaster Recovery Lead to appoint a new team member. Testing DLIS is committed to ensuring that this DRP is functional. The DRP should be tested every 6 Months in order to ensure that it is still effective (Myers, 1993).

Conclusion

Testing the plan will be carried out as follows:

1) Walkthroughs- Team members verbally go through the specific steps as documented in the plan to confirm effectiveness, identify gaps, bottlenecks or other weaknesses. This test provides the opportunity to review a plan with a larger subset of people, allowing the DRP project manager to draw upon a correspondingly increased pool of knowledge and experiences. Staff should be familiar with procedures, equipment, and offsite facilities.

2) Simulations- A disaster is simulated so normal operations will not be interrupted. Hardware, software, personnel, communications, procedures, supplies and forms, documentation, transportation, utilities, and alternate site processing should be thoroughly tested in a simulation test. However, validated checklists can provide a reasonable level of assurance for many of these scenarios. Analyze the output of the previous tests carefully before the proposed simulation to ensure the lessons learned during the previous phases of the cycle have been applied.

3) Full-Interruption Testing- A full-interruption test activates the total DRP. The test is likely to be costly and could disrupt normal operations, and therefore should be approached with caution. The importance of due diligence with respect to previous DRP phases cannot be overstated. Any gaps in the DRP that are discovered during the testing phase will be addressed by the Disaster Recovery Lead as well as any resources that he/she will require.


References

McLaughlin, K. (2013). Disaster recovery and business continuity planning. Information Security Fundamentals, 145.

Maitra, S. (2010, February). Disaster recovery and business continuity planning. In Proceedings of the International Conference and Workshop on Emerging Trends in Technology(pp. 1001-1001). ACM.

Snedaker, S. (2013). Business continuity and disaster recovery planning for IT professionals. Newnes.

Myers, K. N. (1993). Total Contingency Planning for Diasters: Managing Risk... Minimizing Loss... Ensuring Business Continuity. John Wiley & Sons, Inc..

Have a similar question?

Continue to edit or attach image(s).

  • Fast and convenient

    Fast and convenient

    Simply post your question and get it answered by professional tutor within 30 minutes. It's as simple as that!

  • Any topic, any difficulty

    Any topic, any difficulty

    We've got thousands of tutors in different areas of study who are willing to help you with any kind of academic assignment, be it a math homework or an article.

  • 100% Satisfied Students

    100% Satisfied Students

    Join 3,4 million+ members who are already getting homework help from StudyDaddy!