SlideShare une entreprise Scribd logo

It244 r4 appendix_d1-18-12

Télécharger en tant que DOC, PDF
F
franceco
1  sur  6
Associate Level Material Appendix D Disaster Recovery Plan Student Name: Delroy Francis UNIVERSITY OF PHOENIX IT/244 INTRO TO IT SECURITY Instructor’s Name: JAMES BRYANT Date: 1/19/2012
Disaster Recovery Plan 1. Disaster Recovery Plan Due in Week Three: For your selected scenario, describe the key elements of the Disaster Recovery Plan to be used in case of a disaster and the plan for testing the DRP. I will have a central meeting place for all emergency Management team to meet up at. Each team would evaluated and access the loss or interruption in service which occurred and will get the system back up and running, while instituting plans for coordinating the recovery program, disseminating information and assembling personnel to the various sites. These personnel would assess and decide the severity of the disaster. This would be to declare the incident a disaster versus interruption in service. 1.1. Risk Assessment 1.1.1. Critical business processes List the mission-critical business systems and services that must be protected by the DRP. Enter your text here 1.1.2. Internal, external, and environmental risks Briefly discuss the internal, external, and environmental risks, which might be likely to affect the business and result in loss of the facility, loss of life, or loss of assets. Threats could include weather, fire or chemical, earth movement, structural failure, energy, biological, or human. A natural disaster that could happen would be a tornado or flood that could completely wipe out a building where all the computer equipment is used or stored. By using a DRP all the data could be stored at an off-site location to assure the operations of the company will be able to continue in case of a disaster 1.2. Disaster Recovery Strategy Of the strategies of shared-site agreements, alternate sites, hot sites, cold sites, and warm sites, identify which of these recovery strategies is most appropriate for your selected scenario and why. IT/244 Intro to IT Security Page 1
Disaster Recovery Plan I would choose a “Hot Site” as the hot site would have live communication links, already working , the system would already be ready for a disaster or immediate failover of operations. A “Warm Site” would also have live communication links and some hardware, but would need installation of software and some restoration of media format and data from tape this would take days to several hours for the site to be up and running . A “Cold Site” could be the focal point or the facility where is declared as the meeting point when a disaster is declared, this would be the point where all staff will gather at, this location will typically have external communications, but no software or data which will required more resources . Clearly, the cost associated with a Hot Site is immeasurably different from those of a Cold or Warm Site – So from the initial steps defining importance. So from business a sense and investment, the goal is to protect the business assets. 1.3. Disaster Recovery Test Plan For each testing method listed, briefly describe each method and your rationale for why it will or will not be included in your DRP test plan. Periodic reviews of the plan to ensure it is kept up to date, distributed, and understood. The maintenance of the Disaster Recover and Team Plans is to keep it synchronous with program, hardware, software, physical environment, network and applications changes Disaster Recovery testing verifies that all facets of the Plan have been implemented and have been found to be accurate and sufficient. After initial acceptance of the Plan, ongoing testing on a periodic basis is necessary to ensure the continued viability of its contents Testing can be as simple as examining the existence of documentation, or as complex as simulating a major disaster. This Disaster Recovery Plan is tested for all procedural and organizational aspects and technical recovery capabilities up to but not including testing at contingency site locations IT/244 Intro to IT Security Page 2
Disaster Recovery Plan 1.3.1. Walk-throughs Walk through and inspection would be done by every department, the IT would be implementing where the computer should be stored and create a scenario of the downtime including and estimated up time. Security department should be running drill daily whether there is a disaster or not. Every department should have a log book on when each drill was run including time and department or site, references of those who conducted the drill should be listed on the log. 1.3.2. Simulations Enter your text here 1.3.3. Checklists I would have Separate contact lists for each department this would include the names of all individuals, including their job title and contact information , cell and home phone numbers would be included in the contact lists ,this would be locked in a confidential area of the recovery plan. The contact lists for all outside source and all government entities would be on file in case of a recovery process . 1.3.4. Parallel testing Validating a newer structure for its conformability until management is ready to crossover from the old to the new ,while still continuing with full functional and operational. IT/244 Intro to IT Security Page 3
Disaster Recovery Plan 1.3.5. Full interruption Enter your text here IT/244 Intro to IT Security Page 4
Disaster Recovery Plan 2. References Cite all your references by adding the pertinent information to this section by following this example. American Psychological Association. (2001). Publication manual of the American Psychological Association (5th ed.). Washington, DC: Author. IT/244 Intro to IT Security Page 5

Recommandé

Contingency Planning Guide
Contingency Planning GuideContingency Planning Guide
Contingency Planning Guide
rlynes
 
Pertemuan 15 disaster recovery plan
Pertemuan 15 disaster recovery planPertemuan 15 disaster recovery plan
Pertemuan 15 disaster recovery plan
newbie2019
 
Information system managment disaster recovery
Information system managment disaster recoveryInformation system managment disaster recovery
Information system managment disaster recovery
Ravi Singh Shekhawat
 
Irs intro unit 3 basic features usfs ip (2)
Irs intro unit 3 basic features usfs ip (2)Irs intro unit 3 basic features usfs ip (2)
Irs intro unit 3 basic features usfs ip (2)
neeraj verma
 
Crisis management plan
Crisis management planCrisis management plan
Crisis management plan
Capt SB Tyagi, COAC'CC*,FISM,CSC,
 
Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster Recovery
Steven Cahill
 
Search algorithm for optimal execution of incident commander guidance in macr...
Search algorithm for optimal execution of incident commander guidance in macr...Search algorithm for optimal execution of incident commander guidance in macr...
Search algorithm for optimal execution of incident commander guidance in macr...
Reza Nourjou, Ph.D.
 
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File SystemDynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Radita Apriana
 

Recommandé

Contingency Planning Guide
Contingency Planning GuideContingency Planning Guide
Contingency Planning Guide
rlynes
 
Pertemuan 15 disaster recovery plan
Pertemuan 15 disaster recovery planPertemuan 15 disaster recovery plan
Pertemuan 15 disaster recovery plan
newbie2019
 
Information system managment disaster recovery
Information system managment disaster recoveryInformation system managment disaster recovery
Information system managment disaster recovery
Ravi Singh Shekhawat
 
Irs intro unit 3 basic features usfs ip (2)
Irs intro unit 3 basic features usfs ip (2)Irs intro unit 3 basic features usfs ip (2)
Irs intro unit 3 basic features usfs ip (2)
neeraj verma
 
Crisis management plan
Crisis management planCrisis management plan
Crisis management plan
Capt SB Tyagi, COAC'CC*,FISM,CSC,
 
Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster Recovery
Steven Cahill
 
Search algorithm for optimal execution of incident commander guidance in macr...
Search algorithm for optimal execution of incident commander guidance in macr...Search algorithm for optimal execution of incident commander guidance in macr...
Search algorithm for optimal execution of incident commander guidance in macr...
Reza Nourjou, Ph.D.
 
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File SystemDynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Dynamic RWX ACM Model Optimizing the Risk on Real Time Unix File System
Radita Apriana
 
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docxRUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
anhlodge
 
ISOL 533 - Information Security and Risk Management DIS.docx
ISOL 533 - Information Security and Risk Management DIS.docxISOL 533 - Information Security and Risk Management DIS.docx
ISOL 533 - Information Security and Risk Management DIS.docx
vrickens
 
Planning for contingencies
Planning for contingenciesPlanning for contingencies
Planning for contingencies
Hassanein Alwan
 
Practical_Guide_for_Disaster_Avoidance
Practical_Guide_for_Disaster_AvoidancePractical_Guide_for_Disaster_Avoidance
Practical_Guide_for_Disaster_Avoidance
Joe Soroka
 
Contingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery PlanningContingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery Planning
mmohamme1124
 
Disaster recovery plan sample 2
Disaster recovery plan sample 2Disaster recovery plan sample 2
Disaster recovery plan sample 2
AbenetAsmellash
 
Misd chap 12 disaster recovery
Misd chap 12 disaster recoveryMisd chap 12 disaster recovery
Misd chap 12 disaster recovery
Ediey Smile
 
Blog powerpoint
Blog powerpointBlog powerpoint
Blog powerpoint
Londa77
 
Cyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public CommentCyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public Comment
David Sweigert
 
Cyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentCyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public Comment
David Sweigert
 
Pre incident plan
Pre incident planPre incident plan
Pre incident plan
Ameer khan Savanur
 
Information Technology Disaster Planning
Information Technology Disaster PlanningInformation Technology Disaster Planning
Information Technology Disaster Planning
guest340570
 
Your company .docx
Your company .docxYour company .docx
Your company .docx
danielfoster65629
 
Emergency
EmergencyEmergency
Emergency
farihahmansor
 
IT Disaster Recovery Plan
IT Disaster Recovery PlanIT Disaster Recovery Plan
IT Disaster Recovery Plan
CallOneTel
 
Copy of exo sylvan
Copy of exo sylvanCopy of exo sylvan
Copy of exo sylvan
Dave Ronca
 
Essay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docxEssay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docx
jenkinsmandie
 
IT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John LadoIT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John Lado
Mark John Lado, MIT
 
Sensitive Data Exposure Incident Checklist
Sensitive Data Exposure Incident ChecklistSensitive Data Exposure Incident Checklist
Sensitive Data Exposure Incident Checklist
- Mark - Fullbright
 
2-2b-contingency-planning-swanson-nist.pdf
2-2b-contingency-planning-swanson-nist.pdf2-2b-contingency-planning-swanson-nist.pdf
2-2b-contingency-planning-swanson-nist.pdf
SuriaRao2
 

Contenu connexe

Similaire à It244 r4 appendix_d1-18-12

RUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docxRUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
anhlodge
 
ISOL 533 - Information Security and Risk Management DIS.docx
ISOL 533 - Information Security and Risk Management DIS.docxISOL 533 - Information Security and Risk Management DIS.docx
ISOL 533 - Information Security and Risk Management DIS.docx
vrickens
 
Practical_Guide_for_Disaster_Avoidance
Practical_Guide_for_Disaster_AvoidancePractical_Guide_for_Disaster_Avoidance
Practical_Guide_for_Disaster_Avoidance
Joe Soroka
 
Contingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery PlanningContingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery Planning
mmohamme1124
 
Misd chap 12 disaster recovery
Misd chap 12 disaster recoveryMisd chap 12 disaster recovery
Misd chap 12 disaster recovery
Ediey Smile
 
Blog powerpoint
Blog powerpointBlog powerpoint
Blog powerpoint
Londa77
 
Information Technology Disaster Planning
Information Technology Disaster PlanningInformation Technology Disaster Planning
Information Technology Disaster Planning
guest340570
 
Your company .docx
Your company .docxYour company .docx
Your company .docx
danielfoster65629
 
Copy of exo sylvan
Copy of exo sylvanCopy of exo sylvan
Copy of exo sylvan
Dave Ronca
 
Essay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docxEssay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docx
jenkinsmandie
 
2-2b-contingency-planning-swanson-nist.pdf
2-2b-contingency-planning-swanson-nist.pdf2-2b-contingency-planning-swanson-nist.pdf
2-2b-contingency-planning-swanson-nist.pdf
SuriaRao2
 

Similaire à It244 r4 appendix_d1-18-12 (20)

RUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docxRUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
 
ISOL 533 - Information Security and Risk Management DIS.docx
ISOL 533 - Information Security and Risk Management DIS.docxISOL 533 - Information Security and Risk Management DIS.docx
ISOL 533 - Information Security and Risk Management DIS.docx
 
Planning for contingencies
Planning for contingenciesPlanning for contingencies
Planning for contingencies
 
Practical_Guide_for_Disaster_Avoidance
Practical_Guide_for_Disaster_AvoidancePractical_Guide_for_Disaster_Avoidance
Practical_Guide_for_Disaster_Avoidance
 
Contingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery PlanningContingency Planning And Disaster Recovery Planning
Contingency Planning And Disaster Recovery Planning
 
Disaster recovery plan sample 2
Disaster recovery plan sample 2Disaster recovery plan sample 2
Disaster recovery plan sample 2
 
Misd chap 12 disaster recovery
Misd chap 12 disaster recoveryMisd chap 12 disaster recovery
Misd chap 12 disaster recovery
 
Blog powerpoint
Blog powerpointBlog powerpoint
Blog powerpoint
 
Cyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public CommentCyber Incident Response Team NIMS Public Comment
Cyber Incident Response Team NIMS Public Comment
 
Cyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public CommentCyber Incident Response Team - NIMS - Public Comment
Cyber Incident Response Team - NIMS - Public Comment
 
Pre incident plan
Pre incident planPre incident plan
Pre incident plan
 
Information Technology Disaster Planning
Information Technology Disaster PlanningInformation Technology Disaster Planning
Information Technology Disaster Planning
 
Your company .docx
Your company .docxYour company .docx
Your company .docx
 
Emergency
EmergencyEmergency
Emergency
 
IT Disaster Recovery Plan
IT Disaster Recovery PlanIT Disaster Recovery Plan
IT Disaster Recovery Plan
 
Copy of exo sylvan
Copy of exo sylvanCopy of exo sylvan
Copy of exo sylvan
 
Essay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docxEssay QuestionsAnswer all questions below in a single document, pr.docx
Essay QuestionsAnswer all questions below in a single document, pr.docx
 
IT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John LadoIT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John Lado
 
Sensitive Data Exposure Incident Checklist
Sensitive Data Exposure Incident ChecklistSensitive Data Exposure Incident Checklist
Sensitive Data Exposure Incident Checklist
 
2-2b-contingency-planning-swanson-nist.pdf
2-2b-contingency-planning-swanson-nist.pdf2-2b-contingency-planning-swanson-nist.pdf
2-2b-contingency-planning-swanson-nist.pdf
 

It244 r4 appendix_d1-18-12

  • 1. Associate Level Material Appendix D Disaster Recovery Plan Student Name: Delroy Francis UNIVERSITY OF PHOENIX IT/244 INTRO TO IT SECURITY Instructor’s Name: JAMES BRYANT Date: 1/19/2012
  • 2. Disaster Recovery Plan 1. Disaster Recovery Plan Due in Week Three: For your selected scenario, describe the key elements of the Disaster Recovery Plan to be used in case of a disaster and the plan for testing the DRP. I will have a central meeting place for all emergency Management team to meet up at. Each team would evaluated and access the loss or interruption in service which occurred and will get the system back up and running, while instituting plans for coordinating the recovery program, disseminating information and assembling personnel to the various sites. These personnel would assess and decide the severity of the disaster. This would be to declare the incident a disaster versus interruption in service. 1.1. Risk Assessment 1.1.1. Critical business processes List the mission-critical business systems and services that must be protected by the DRP. Enter your text here 1.1.2. Internal, external, and environmental risks Briefly discuss the internal, external, and environmental risks, which might be likely to affect the business and result in loss of the facility, loss of life, or loss of assets. Threats could include weather, fire or chemical, earth movement, structural failure, energy, biological, or human. A natural disaster that could happen would be a tornado or flood that could completely wipe out a building where all the computer equipment is used or stored. By using a DRP all the data could be stored at an off-site location to assure the operations of the company will be able to continue in case of a disaster 1.2. Disaster Recovery Strategy Of the strategies of shared-site agreements, alternate sites, hot sites, cold sites, and warm sites, identify which of these recovery strategies is most appropriate for your selected scenario and why. IT/244 Intro to IT Security Page 1
  • 3. Disaster Recovery Plan I would choose a “Hot Site” as the hot site would have live communication links, already working , the system would already be ready for a disaster or immediate failover of operations. A “Warm Site” would also have live communication links and some hardware, but would need installation of software and some restoration of media format and data from tape this would take days to several hours for the site to be up and running . A “Cold Site” could be the focal point or the facility where is declared as the meeting point when a disaster is declared, this would be the point where all staff will gather at, this location will typically have external communications, but no software or data which will required more resources . Clearly, the cost associated with a Hot Site is immeasurably different from those of a Cold or Warm Site – So from the initial steps defining importance. So from business a sense and investment, the goal is to protect the business assets. 1.3. Disaster Recovery Test Plan For each testing method listed, briefly describe each method and your rationale for why it will or will not be included in your DRP test plan. Periodic reviews of the plan to ensure it is kept up to date, distributed, and understood. The maintenance of the Disaster Recover and Team Plans is to keep it synchronous with program, hardware, software, physical environment, network and applications changes Disaster Recovery testing verifies that all facets of the Plan have been implemented and have been found to be accurate and sufficient. After initial acceptance of the Plan, ongoing testing on a periodic basis is necessary to ensure the continued viability of its contents Testing can be as simple as examining the existence of documentation, or as complex as simulating a major disaster. This Disaster Recovery Plan is tested for all procedural and organizational aspects and technical recovery capabilities up to but not including testing at contingency site locations IT/244 Intro to IT Security Page 2
  • 4. Disaster Recovery Plan 1.3.1. Walk-throughs Walk through and inspection would be done by every department, the IT would be implementing where the computer should be stored and create a scenario of the downtime including and estimated up time. Security department should be running drill daily whether there is a disaster or not. Every department should have a log book on when each drill was run including time and department or site, references of those who conducted the drill should be listed on the log. 1.3.2. Simulations Enter your text here 1.3.3. Checklists I would have Separate contact lists for each department this would include the names of all individuals, including their job title and contact information , cell and home phone numbers would be included in the contact lists ,this would be locked in a confidential area of the recovery plan. The contact lists for all outside source and all government entities would be on file in case of a recovery process . 1.3.4. Parallel testing Validating a newer structure for its conformability until management is ready to crossover from the old to the new ,while still continuing with full functional and operational. IT/244 Intro to IT Security Page 3
  • 5. Disaster Recovery Plan 1.3.5. Full interruption Enter your text here IT/244 Intro to IT Security Page 4
  • 6. Disaster Recovery Plan 2. References Cite all your references by adding the pertinent information to this section by following this example. American Psychological Association. (2001). Publication manual of the American Psychological Association (5th ed.). Washington, DC: Author. IT/244 Intro to IT Security Page 5