Your SlideShare is downloading. ×
0
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Business continuity for Information Systems
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Business continuity for Information Systems

747

Published on

for COOP process

for COOP process

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
747
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Business Continuity for Information Systems State of Utah – October 2006
  • 2. Business Continuity <ul><li>The Critical Infrastructure Protection Directive (PDD-63) calls for a national-level effort to assure the security of the increasingly vulnerable and interconnected infrastructures of the United States. </li></ul><ul><li>The State of Utah provides many critical services, supported by information technology) that would be essential during an emergency </li></ul>
  • 3. Why is it important? <ul><li>Services must be provided when emergencies occur, such as: </li></ul><ul><ul><li>Fire </li></ul></ul><ul><ul><li>Flooding </li></ul></ul><ul><ul><li>Other weather-related hazards </li></ul></ul><ul><ul><li>Hazardous chemicals </li></ul></ul><ul><ul><li>Cyber-attacks and system failures are a reality </li></ul></ul><ul><ul><li>Earthquake </li></ul></ul><ul><ul><li>Terrorism </li></ul></ul>
  • 4. Continuity of Operations (COOP) <ul><ul><li>An internal effort within an organization to assure that the capability exists to continue essential business functions across a wide range of potential emergencies. </li></ul></ul>
  • 5. Elements of a Viable COOP <ul><li>A Succession Plan and Delegation of Authority </li></ul><ul><li>Alternate facilities </li></ul><ul><li>Safekeeping of Vital Records </li></ul><ul><li>Security </li></ul><ul><li>Interoperable Communications </li></ul><ul><li>A regular COOP Training, Testing and Exercise program </li></ul><ul><li>source: GSA Emergency Management Office </li></ul>A viable COOP needs to include:
  • 6. Systems Assessment <ul><li>In 2006, DTS, in cooperation with Public Safety, completed an assessment of information systems and IT infrastructure: </li></ul><ul><li>Reviewed 1500 information systems and components </li></ul><ul><li>Hardware Infrastructure </li></ul><ul><li>Communications systems </li></ul><ul><li>Analyzed systems based on criticality in an emergency scenario </li></ul>
  • 7. Key Infrastructure Capabilities <ul><li>Redundant, Self-Healing Network </li></ul><ul><ul><li>SONET Ring </li></ul></ul><ul><ul><li>Geographic Hubs </li></ul></ul><ul><li>Alternate Data Center in Richfield </li></ul><ul><ul><li>Alternate internet connection </li></ul></ul><ul><ul><li>Redundant paths to SONET ring </li></ul></ul><ul><li>Voice Communications </li></ul><ul><ul><li>3 Omnilink controllers connect 800 MHz, VHF, and other radio communications statewide </li></ul></ul>
  • 8. COOP Tiers <ul><li>System is critical during the first 24 hours of the emergency / disaster </li></ul><ul><li>System must be available within the first 7 days following the disaster </li></ul><ul><li>System must be available within the first 30 days </li></ul>
  • 9. Funding requirement To bring all systems that have been identified as having Tier 1 and Tier 2 COOP requirements up to that level of preparedness would require estimated funding of $18.9 million . * see COOP systems report for detail
  • 10. Business Continuity Needs <ul><li>Based on a total estimated need (tier 1 and 2) of $18.9 million </li></ul><ul><li>Data does not include: Courts, Legislature, Higher Education, Public Education </li></ul>Values are in millions of dollars
  • 11. Key Functions for Business Continuity <ul><li>Authentication Infrastructure </li></ul><ul><li>Support for vulnerable populations </li></ul><ul><li>Financial systems </li></ul><ul><li>Emergency response systems </li></ul><ul><li>Alert and notifications </li></ul><ul><li>Voice and data communications </li></ul><ul><li>Information systems supporting emergency support functions </li></ul>
  • 12. Emergency Support Functions <ul><li>Transportation </li></ul><ul><li>Communications </li></ul><ul><li>Public Works and Engineering </li></ul><ul><li>Firefighting </li></ul><ul><li>Emergency Management </li></ul><ul><li>Mass Care, Housing, and Human Services </li></ul><ul><li>Long Term Community Recovery </li></ul><ul><li>Public Health and Medical Services </li></ul><ul><li>Resource Support </li></ul><ul><li>Urban Search and Rescue </li></ul><ul><li>Oil & Hazardous Materials </li></ul><ul><li>Agriculture and Natural Resources </li></ul><ul><li>Energy </li></ul><ul><li>Public Safety and Security </li></ul>
  • 13. Tier 1 State of Utah Systems <ul><li>Offender Tracking (Corrections) </li></ul><ul><li>Utah Law Enforcement Intelligence Network (Public Safety) </li></ul><ul><li>Vital Records (Health) </li></ul><ul><li>Utah Notification Information System (Health) </li></ul><ul><li>Financial Systems (DAS) </li></ul><ul><li>Statewide Radio Connectivity (DTS) </li></ul><ul><li>Utah Criminal Justice Information System (UCJIS) </li></ul><ul><li>Utah Highway Patrol Information System (DPS) </li></ul><ul><li>* these are representative, not all inclusive </li></ul>
  • 14. Risk of not addressing Tier One <ul><li>Disruption in financial payments to employees, citizens, and state vendors during a critical outage </li></ul><ul><li>Inability of first responders to communicate effectively across the state </li></ul><ul><li>Loss of life </li></ul><ul><li>Increased property damage and financial loss during an emergency </li></ul>
  • 15. Tier 2 State of Utah Systems <ul><li>Claims Management (DAS) </li></ul><ul><li>Special Needs Housing (DHS) </li></ul><ul><li>Insurance Licensing & Regulation (Insurance) </li></ul><ul><li>Drivers License (DPS) </li></ul><ul><li>Motor Carrier (UDOT) </li></ul><ul><li>Licensing Enforcement (Commerce) </li></ul><ul><li>* these are representative, not all inclusive </li></ul>
  • 16. Risk of not addressing Tier Two <ul><li>Reduced ability to respond to claims during a period of substantially increased demand </li></ul><ul><li>Limited ability to care for vulnerable populations </li></ul><ul><li>Reduced ability to deal with need of increased transport for goods and services </li></ul><ul><li>Increased risk to the public </li></ul>
  • 17. Tier 3 Examples <ul><li>Safe Drinking Water Information System </li></ul><ul><li>Laboratory Support Systems </li></ul><ul><li>Medicaid </li></ul><ul><li>Air Quality Monitoring Network </li></ul><ul><li>Unemployment Insurance </li></ul><ul><li>Core Tax Systems </li></ul><ul><li>* these are representative, not all inclusive </li></ul>
  • 18. Richfield Alternate Data Center Capabilities: different earthquake zone from Wasatch Front, 4 microwave and 1 fiber path to core state network, backup mainframe, backup power (UPS and generator), alternate internet connection, staffed 24x7 Can be used to house all business resumption capabilities. * Will need to be expanded if tier 1,2, and 3 COOP is implemented
  • 19. Richfield Systems <ul><li>University Hospital </li></ul><ul><li>Administrative Computing (U. of Utah) </li></ul><ul><li>Davis School District </li></ul>These systems (outside the executive branch) are currently housed at the Richfield data center to provide business continuity services:
  • 20. In Summary <ul><li>Information Systems </li></ul><ul><ul><li>Tier One: 14 systems in 4 agencies Est. Tier One: $5,342,500 </li></ul></ul><ul><ul><li>Tier Two: 63 systems in 11 agencies Est. Tier Two: $8,040,000 </li></ul></ul><ul><ul><li>Systems Implemented: ORSIS, ABC business systems, some Public Safety systems </li></ul></ul><ul><li>Infrastructure: Much of the core infrastructure for business continuity is already in place. </li></ul><ul><ul><li>Est. Infrastructure: $1,376,000 </li></ul></ul><ul><li>Communications: $1,600,000 </li></ul><ul><li>Est. Personnel and Training: $2,400,000 </li></ul>

×