Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

It244 r4 appendix_d1-18-12


Published on

  • Be the first to comment

  • Be the first to like this

It244 r4 appendix_d1-18-12

  1. 1. Associate Level Material Appendix D Disaster Recovery Plan Student Name: Delroy Francis UNIVERSITY OF PHOENIX IT/244 INTRO TO IT SECURITY Instructor’s Name: JAMES BRYANT Date: 1/19/2012
  2. 2. Disaster Recovery Plan1. Disaster Recovery PlanDue in Week Three: For your selected scenario, describe the key elements of the Disaster Recovery Planto be used in case of a disaster and the plan for testing the DRP. I will have a central meeting place for all emergency Management team to meet up at. Each teamwould evaluated and access the loss or interruption in service which occurred and will get the systemback up and running, while instituting plans for coordinating the recovery program, disseminatinginformation and assembling personnel to the various sites. These personnel would assess and decidethe severity of the disaster. This would be to declare the incident a disaster versus interruption inservice. 1.1. Risk Assessment 1.1.1. Critical business processes List the mission-critical business systems and services that must be protected by the DRP. Enter your text here 1.1.2. Internal, external, and environmental risks Briefly discuss the internal, external, and environmental risks, which might be likely to affect the business and result in loss of the facility, loss of life, or loss of assets. Threats could include weather, fire or chemical, earth movement, structural failure, energy, biological, or human. A natural disaster that could happen would be a tornado or flood that could completely wipe out a building where all the computer equipment is used or stored. By using a DRP all the data could be stored at an off-site location to assure the operations of the company will be able to continue in case of a disaster 1.2. Disaster Recovery Strategy Of the strategies of shared-site agreements, alternate sites, hot sites, cold sites, and warm sites, identify which of these recovery strategies is most appropriate for your selected scenario and why.IT/244 Intro to IT Security Page 1
  3. 3. Disaster Recovery Plan I would choose a “Hot Site” as the hot site would have live communication links, already working , the system would already be ready for a disaster or immediate failover of operations. A “Warm Site” would also have live communication links and some hardware, but would need installation of software and some restoration of media format and data from tape this would take days to several hours for the site to be up and running . A “Cold Site” could be the focal point or the facility where is declared as the meeting point when a disaster is declared, this would be the point where all staff will gather at, this location will typically have external communications, but no software or data which will required more resources . Clearly, the cost associated with a Hot Site is immeasurably different from those of a Cold or Warm Site – So from the initial steps defining importance. So from business a sense and investment, the goal is to protect the business assets. 1.3. Disaster Recovery Test Plan For each testing method listed, briefly describe each method and your rationale for why it will or will not be included in your DRP test plan. Periodic reviews of the plan to ensure it is kept up to date, distributed, and understood. The maintenance of the Disaster Recover and Team Plans is to keep it synchronous with program, hardware, software, physical environment, network and applications changes Disaster Recovery testing verifies that all facets of the Plan have been implemented and have been found to be accurate and sufficient. After initial acceptance of the Plan, ongoing testing on a periodic basis is necessary to ensure the continued viability of its contents Testing can be as simple as examining the existence of documentation, or as complex as simulating a major disaster. This Disaster Recovery Plan is tested for all procedural and organizational aspects and technical recovery capabilities up to but not including testing at contingency site locationsIT/244 Intro to IT Security Page 2
  4. 4. Disaster Recovery Plan 1.3.1. Walk-throughs Walk through and inspection would be done by every department, the IT would be implementing where the computer should be stored and create a scenario of the downtime including and estimated up time. Security department should be running drill daily whether there is a disaster or not. Every department should have a log book on when each drill was run including time and department or site, references of those who conducted the drill should be listed on the log. 1.3.2. Simulations Enter your text here 1.3.3. Checklists I would have Separate contact lists for each department this would include the names of allindividuals, including their job title and contact information , cell and home phone numbers would beincluded in the contact lists ,this would be locked in a confidential area of the recovery plan. Thecontact lists for all outside source and all government entities would be on file in case of a recoveryprocess . 1.3.4. Parallel testingValidating a newer structure for its conformability until management is ready to crossover fromthe old to the new ,while still continuing with full functional and operational.IT/244 Intro to IT Security Page 3
  5. 5. Disaster Recovery Plan 1.3.5. Full interruption Enter your text hereIT/244 Intro to IT Security Page 4
  6. 6. Disaster Recovery Plan2. ReferencesCite all your references by adding the pertinent information to this section by following this example.American Psychological Association. (2001). Publication manual of the American Psychological Association (5th ed.). Washington, DC: Author.IT/244 Intro to IT Security Page 5