Disaster and Recovery
Business Impact Analysis
System Description/Purpose
Impact to business if degradation
Estimated Downtime
Resource Requirements.
Business Contingency Plan
Incident Response Policy
Purpose
Identifying and Reporting Incidents
Mitigation and Containment
Questions?
Overview
Shawn Kirkland
Purpose
Determine mission/business processes and recovery criticality.
Identify resource requirements.
Identify recovery priorities for system resources.
System Description/Purpose
Impact to business if degradation
Estimated Downtime
Resource Requirements.
Business Impact Analysis
Shawn Kirkland
Determine mission/business processes and recovery criticality.
Mission/business processes supported by the system are
identified and the impact of a system disruption to those
processes is determined along with outage impacts and
estimated downtime. The downtime should reflect the
maximum that an organization can tolerate while still
maintaining the mission.
Identify resource requirements. Realistic recovery efforts
require a thorough evaluation of the resources required to
resume mission/business processes and related
interdependencies as quickly as possible. Examples of
resources that should be identified include facilities, personnel,
equipment, software, data files, system components, and vital
records.
Identify recovery priorities for system resources. Based upon
the results from the previous activities, system resources can
more clearly be linked to critical mission/business processes.
Priority levels can be established for sequencing recovery
activities and resources.
This document is used to build the Dream Landing’s Database
Server Information System Contingency Plan (ISCP) and is
included as a key component of the ISCP. It also may be used
to support the development of other contingency plans
associated with the system, including, but not limited to, the
Disaster Recovery Plan (DRP) or Cyber Incident Response Plan.
Operating System: Microsoft Windows Server 2008 R2
Application: Microsoft SQL Server 2008 Enterprise Edition
Hardware: Dell R720
Location: Server rack on second floor server room.
Connection: System Administrator connects via local area network. Other users connect remotely.
DR Method: 1 full backup weekly and dailies every day, 3 hours after close of business.
System Description
Shawn Kirkland
The Dream Landing’s database server consists of Microsoft
SQL Server 2008 Enterprise Edition installed and running on
Microsoft Windows Server 2008 R2; this platform is housed on
a Dell R720 server-class system. The database server is located
in the server rack in the second floor server room.
Local administrators connect directly through the local area
network; other users connect indirectly through the web server.
Snapshot backup operations are conducted every day, 3
hours after close of business.
Impact

Mission/Business Process | Description
Query customer record | Database retrieval of customer information (e.g. address, phone, payment information)
Store customer transaction | Recording of customer purchases and credits
Authenticate user name and password | Stored procedure verifying user credentials

Impact values
Severe = $100,000
Moderate = $50,000
Minimal = $10,000

Mission/Business Process | Minimal | Moderate | High | Severe | Impact
Query customer record | x | | | | Minimal
Store customer transaction | | | | x | Severe
Authenticate user name and password | | x | | | Moderate
Jamarcus White
Estimated Downtime

Mission/Business Process | MTD | RTO | RPO
Query customer record | 48 hours | 24 hours | 8 hours
Store customer transaction | 24 hours | 12 hours | 4 hours
Authenticate user name and password | 36 hours | 24 hours | 8 hours
MTD
RTO
RPO
Jamarcus White
Maximum Tolerable Downtime (MTD). The MTD represents
the total amount of time leaders/managers are willing to accept
for a mission/business process outage or disruption and includes
all impact considerations. Determining MTD is important
because failing to do so could leave continuity planners with
imprecise direction on (1) selection of an appropriate recovery
method, and (2) the depth of detail which will be required when
developing recovery procedures, including their scope and
content.
Recovery Time Objective (RTO). RTO defines the maximum
amount of time that a system resource can remain unavailable
before there is an unacceptable impact on other system
resources, supported mission/business processes, and the MTD.
Determining the information system resource RTO is important
for selecting appropriate technologies that are best suited for
meeting the MTD.
Recovery Point Objective (RPO). The RPO represents the point
in time, prior to a disruption or system outage, to which
mission/business process data must be recovered (given the
most recent backup copy of the data) after an outage.
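The following is an added example, not part of the original slides: it checks the Estimated Downtime table against the backup schedule given in the System Description. The 24-hour backup interval is an assumption read from "dailies every day", and the ordering rule (highest impact first, then shortest MTD) is an assumed way to sequence recovery.

```python
from dataclasses import dataclass

# Impact values from the BIA slide (US dollars).
IMPACT_COST = {"Minimal": 10_000, "Moderate": 50_000, "Severe": 100_000}


@dataclass(frozen=True)
class Process:
    name: str
    impact: str   # impact category from the BIA
    mtd_h: int    # Maximum Tolerable Downtime, hours
    rto_h: int    # Recovery Time Objective, hours
    rpo_h: int    # Recovery Point Objective, hours


# Rows transcribed from the Impact and Estimated Downtime tables.
BIA = [
    Process("Query customer record", "Minimal", 48, 24, 8),
    Process("Store customer transaction", "Severe", 24, 12, 4),
    Process("Authenticate user name and password", "Moderate", 36, 24, 8),
]

# Assumption: one backup per day, so up to 24 hours of data can be lost.
BACKUP_INTERVAL_H = 24


def check_objectives(processes, backup_interval_h):
    """Return (process, finding, gap_hours) for every objective that cannot be met."""
    findings = []
    for p in processes:
        # The RTO has to fit inside the MTD, otherwise recovery finishes too late.
        if p.rto_h > p.mtd_h:
            findings.append((p.name, "RTO_EXCEEDS_MTD", p.rto_h - p.mtd_h))
        # Worst-case data loss equals the time between two backups.
        if backup_interval_h > p.rpo_h:
            findings.append(
                (p.name, "BACKUP_INTERVAL_EXCEEDS_RPO", backup_interval_h - p.rpo_h)
            )
    return findings


def recovery_order(processes):
    """Sequence recovery: highest impact first, then shortest MTD, then shortest RTO."""
    ranked = sorted(
        processes, key=lambda p: (-IMPACT_COST[p.impact], p.mtd_h, p.rto_h)
    )
    return [p.name for p in ranked]


def max_backup_interval(processes):
    """Longest backup interval (hours) that still satisfies every RPO."""
    return min(p.rpo_h for p in processes)


if __name__ == "__main__":
    for name, finding, gap in check_objectives(BIA, BACKUP_INTERVAL_H):
        print(f"{name}: {finding} by {gap} h")
    print("Recovery order:", recovery_order(BIA))
    print("Backups needed at least every", max_backup_interval(BIA), "h")
```

With the table as written, a daily backup misses every stated RPO; meeting them needs a backup or log shipment at least every 4 hours, or the RPOs need to be revised upward.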
Resource Requirements

System Resource/Component | Platform/OS/Version (as applicable) | Description
Server-class System | Dell R720 | Rack-mounted system
Windows Server | 2008 R2 | Host operating system
Microsoft SQL Server | 2008 | Database management system
Database files | Latest, or latest snapshot if needed | Binary files containing data
Garrett Grey
CEO consults department leads to consider time for recovery
and determine need for business contingency.
CEO announces business contingency is in effect.
CEO works with local authorities to ensure human safety as
needed.
Network managers and technicians move network operations to
warm site.
IT managers and technicians assess ability to move existing
systems to warm site.
IT managers and technicians requisition new equipment to be
delivered to warm site as needed.
Technicians validate warm site's network infrastructure and
telecommunications capabilities.
IT managers and technicians install/restore systems at warm
site.
Technicians connect systems to warm site network.
Technicians update public domain name records.
Technicians inform customer service representatives of changes
to telephone numbers, public IP addresses, etc.
Customer service representatives contact customers with new
contact information.
Business Contingency plan
Garrett Grey
Try to summarize this the best you can. Don’t read word for
word as that will bore the planet into sleeping. Use the
imagination.
Purpose
Scope
Definitions
Incident Response Policy
Garrett Grey
Just say “In the IR Policy we have Purpose, Scope, and
Definitions.” This slide is just for show really.
Purpose
Scope
Definitions
Information Systems
Security Incident
Physical Security
Purpose
Dallas Jones
1.2 Purpose
The purpose of this policy is to lay out protocols and guidelines
on how to effectively respond to incidents or events that affect
the computers, data, or networks of Dream Land Department of
Information Resources.
1.3 Scope
This policy explicitly applies to all departments and individual
users of Dream Landing. Users who travel remotely and VPN
into the main office shall also adhere to this policy. Any
individual who has been issued an electronic or computing device,
which includes cell phones, pagers, PDAs, iPads, and Android
devices, maintains a fiduciary obligation to this organization.
All networking resources, including servers, PCs, switches,
routers, firewalls, and additional computing equipment, are included
within this policy.
1.4 Definitions
Information Systems: defined as computers/mainframes that
are used for collecting, storing, and processing data and delivering
information. The primary operating system used for this
information system is Microsoft Operating System (OS).
Servers are also defined as information systems because they
provide resources to be utilized by employees of the Dream Land
organization and external users.
Security Incident: defined as an event in which there is a
diversion from the normal security regulations. This includes the
unintentional disclosure or compromise of data, or an unauthorized
activity that disrupts the confidentiality, integrity, and/or
availability of Information Systems.
Physical Security: physical protocols put into place to prevent
human intrusion into a secure or confidential area. These
protocols include key-pads, dead-bolt lock doors, security
cameras, and personnel.
Employees
IT Technicians
Severity Levels
Level 1
Level 2
Level 3
Level 4
Identifying and Reporting Incidents
Dallas Jones
i. Employees: In the event of a Security Incident, including
suspicious events, all users must report promptly to the
Computer Security Incident Response Team (CSIRT)/IT
Technician, and/or company owner for issues relating to but not
limited to worms, viruses, spyware, malware, denial of service
attacks, or other unusual encounters.
ii. IT Technician: The IT Technician must examine and
determine if the attack is real and designate a severity level. If
the severity is of a significant enough level to alert and seek
additional CSIRT support, the IT Technician will do so. The technician
may also contact the CERT Coordination Center, which has the
most recent information on viruses and worms.
Severity Levels
a) Severity Level One - a security incident that is detected on an
internal system and that can be handled by anti-virus software
(AVG)
b) Severity Level Two - small numbers of system probes
detected on external systems
c) Severity Level Three - if a penetration or denial of service
attempt(s) with limited impact on operations is detected and
anti-virus software cannot handle it, this severity should be
used because of potential risk to finances and public relations.
d) Severity Level Four - a threat to public safety or life
Eradication
Restoration
Log Of Security Incident
Annual Report
Mitigation and Containment
Dallas Jones
Eradication & Restoration
i. Eradication - Once the origins of the problem are identified,
all malicious code and corrupting Security Incidents are
removed. The magnitude of damage must be assessed and a plan
of action prepared and communicated to the appropriate parties.
ii. Restoration - Once the above protocols are taken care of and
upon authorization by the CSIRT/IT Technician and owner, the
availability of affected systems, devices and network can be
restored.
Documentation
i. Log of Security Incident - CSIRT/IT Technician shall
maintain a log of all Security Incidents recording the date, time
of recognition, the affected computer or device, a summary of
the intrusion and the corrective measure taken to solve the
issue.
ii. Annual Report - CSIRT/IT Technician shall report annually
to the CEO, providing statistics and summary-level information
about significant incidents reported, and provide
recommendations to mitigate known risks.
Questions?
CONTINGENCY PLAN POLICY
PURPOSE
The Contingency Plan is established to reduce the threat of
theft, fraud and misuse of company resources through detailed
procedures that provide guidelines for the notification,
documentation, evaluation and assessment, monitoring and
auditing, training, and response and recovery relating to all
information security incidents that impact the confidentiality,
integrity, and availability of Dream Landing Information Data
and related networks.
The Contingency Plan is established to reduce the threat of
theft, fraud and misuse of company resources through detailed
procedures that provide guidelines for the notification,
response, and recovery of incidents from all threat levels that
impact the confidentiality, integrity, and availability of Dream
Landing Information Data and related networks.
To ensure the protection of all shareholders and informational
assets, strict adherence and enforcement of the plan is
mandatory. In order to maximize effectiveness and success of
normal operations, the plan will assign roles and
responsibilities to both management and subordinates, set rules
and regulations that govern all activities, designate resources
necessary for the plan’s implementation, and outline procedural
steps to ensure internal and external coordination.
ORGANIZATIONAL POSITION
Dream Landing has a legal and professional responsibility to its
shareholders to protect all sensitive, personal, and private
information. In order to fulfill this obligation, proactive
measures, timely responses, and immediate restoration of
critical business activities must be in compliance with Federal
and State laws.
APPLICABILITY/SCOPE
All functions, resources, and operations of Dream Landing are
subject to the guidelines and provisions of this policy. The
Dream Landing information assets and networked systems
subject to this policy include: Lenovo
Desktop PCs, Laser Jet Printers, Dell Servers, Easy Book
Travel Booking Software, Heartland America Co Payment
client-server interface, Windows Server 2008 Network
Operating System, Gmail, SME Light HR Tools, and Office Pro
Security. Directors, officers, and employees, including
contractual employees, third party vendors and the secondary
affiliates of third party vendors who use, access, handle, and
maintain company software/hardware are subject and
subordinate to the terms of this policy.
RESPONSIBILITY
It is the responsibility of Dream Landing, under the direction of
the Information Security Officer (ISO), Mr. Chen, in
conjunction with the IT Technician and Privacy Officer (PO),
Matt Dudley, to define, implement, administer, enforce, and
monitor all procedures outlined throughout the Contingency
Plan (CP). Mr. Chen periodically reviews, evaluates, and tests
the plan for updates, changes and modifications and ensures
compliance within applicable Federal and State laws. The ISO,
Mr. Chen directs all actions taken by staff, personnel,
contractors, and vendors in response to security incidents.
All employees will comply fully and completely with the policy
and procedures detailed in this document, to include: reading
and learning the material outlined in the CP
Handbook/Manual, thereby ensuring their ability to thoroughly
carry out each articulated step in the IR plan; attending training;
reporting incidents; performing routine safeguards; and following the
directives of the ISO/PO as instructed.
The Human Resources Department, Legal Counsel, and Office
of Public Relations will work in coordination with the ISO/PO
to ensure compliance with all Federal and State Laws, Privacy
Rights Rules and Regulations, with special consideration for
Public and Community Interests.
In summary, it is the responsibility of all shareholders to know,
enact, and comply with all policy, procedures, rules, and
regulations of the Contingency Plan, report all incidents of
security threats/breaches, and to periodically attend training on
all elements of the plan.
Reporting Structure
The ISO is the Primary Director of the plan, to whom all are
subordinate.
The PO is Secondary to the ISO, to whom he directly reports.
All employees, contractors, vendors, and business partners are
subordinate to the ISO/PO, to whom they directly report.
ASSESSMENT AND EVALUATION
The ISO and the PO are responsible for testing and validating
the plan. Testing shall be administered semi-annually. The
testing shall include risk assessment and a business impact
analysis performed by the CPMT. The purpose of this testing is
to ensure that the shareholders of the company are
knowledgeable and capable of performing assigned tasks in
accordance with the contingency plan. It is also to ensure that
the plan effectively identifies and minimizes threats, details and
characterizes the appropriate responses, and allows the
restoration of all normal operations within a reasonable time.
CONTINGENCY PLAN POLICY
The CP team, composed of the ISO, Mr. Chen, and the PO, Matt
Dudley, will define, implement, administer, enforce, monitor,
develop, test, and maintain the Dream Landing Contingency
Plan. The plan should contain the following:
Identity of all mission critical applications, ranked according to
their priority and maximum permissible outage.
Provide an inventory of all hardware and software that comprise
the network system.
Schedule frequency of all application, data, software, and
databases backup.
Identify where backups are stored and who has access.
Identify the roles and responsibilities of all stakeholders.
Identify the name, contact information, and service provided by
all third party vendors.
Set and establish procedural steps in the preparation, address,
and remediation of identified security threats.
Detail and establish standards of appropriate use and security
measures for all hardware, software, and data assets.
Detail and establish the notification, documentation, and
reporting process for all security incidents.
Detail and establish testing, monitoring, and evaluation
procedures for the contingency plan.
Provide for the training on all details of the Contingency Plan
to all stakeholders.
Empower the necessary internal departments to make available
their services and coordinate activities with the committee in
the administration and facilitation of the Contingency Plan, to
include the HR, Legal, and Public Relations Department.
COMPLIANCE
All stakeholders that process applications critical to the
performance of Dream Landing's mission are subject to the
technical and operational requirements set by the PCI Security
Standards Council, which ensure the protection of customer/client
data in the processing of credit card payments through routine
inventory of IT systems and processes for credit card payments,
the remediation of any known vulnerabilities in the services
provided, and full compliance reporting to the respective banks
and card companies with which we do business.
SUPPLEMENTAL INFORMATION
Third party vendors, who are equal stakeholders in the CP are
as follows:
BUSINESS | SERVICES PROVIDED
SME Light | Human Resources/Payroll/Taxes C/S
Office Pro | Security Upgrades (to SME Light)
Charter Communications | Internet, Phone
SaaS Solutions | Easy Book Travel Booking
Heartland American Co. | Credit Card Payments
Google | Email
ADT | Building Security
POINTS OF CONTACT
Information Security Officer
Mr. Chen
xxx-xxx-xxxx
Privacy Officer
Matt Dudley
xxx-xxx-xxxx
BUSINESS IMPACT ANALYSIS
OVERVIEW
This Business Impact Analysis (BIA) is developed as part of the
Dream Landing Contingency Plan.
PURPOSE
This report will identify essential business functions of Dream
Landing and provide recovery objectives and service restoration
priorities necessary in the event of information asset disruption,
compromise or failure.
SYSTEM DESCRIPTION
Dream Landing uses 8 Lenovo desktop computers and an HP
multifunction printer connected to a Dell server via a 1GB
Ethernet LAN. A cable modem provides 30 Mb/sec connectivity
via the company’s Internet Service Provider, Charter
Communications. Dream Landing leases a comprehensive travel
booking software, Easy Book, from the SaaS
Discussion questions – Dunbar Paul Lawrence Dunbar was a pio.docx
 
Discussion Questions Identify the top three threats to the home.docx
Discussion Questions Identify the top three threats to the home.docxDiscussion Questions Identify the top three threats to the home.docx
Discussion Questions Identify the top three threats to the home.docx
 
Discussion questions – Hurston Zora Neal Hurston attended Ho.docx
Discussion questions – Hurston Zora Neal Hurston attended Ho.docxDiscussion questions – Hurston Zora Neal Hurston attended Ho.docx
Discussion questions – Hurston Zora Neal Hurston attended Ho.docx
 
Discussion Questions Compare and contrast through a critical an.docx
Discussion Questions Compare and contrast through a critical an.docxDiscussion Questions Compare and contrast through a critical an.docx
Discussion Questions Compare and contrast through a critical an.docx
 
Discussion questions (self evaluation)Examine nursing roles th.docx
Discussion questions (self evaluation)Examine nursing roles th.docxDiscussion questions (self evaluation)Examine nursing roles th.docx
Discussion questions (self evaluation)Examine nursing roles th.docx
 
Discussion QuestionReflecting on what you have learned abou.docx
Discussion QuestionReflecting on what you have learned abou.docxDiscussion QuestionReflecting on what you have learned abou.docx
Discussion QuestionReflecting on what you have learned abou.docx
 
Discussion questionMotivation is the all-ensuing mechanism t.docx
Discussion questionMotivation is the all-ensuing mechanism t.docxDiscussion questionMotivation is the all-ensuing mechanism t.docx
Discussion questionMotivation is the all-ensuing mechanism t.docx
 
Discussion QuestionHow much, if any, action on ergonomics in th.docx
Discussion QuestionHow much, if any, action on ergonomics in th.docxDiscussion QuestionHow much, if any, action on ergonomics in th.docx
Discussion QuestionHow much, if any, action on ergonomics in th.docx
 
Discussion QuestionConsider a popular supplement you andor y.docx
Discussion QuestionConsider a popular supplement you andor y.docxDiscussion QuestionConsider a popular supplement you andor y.docx
Discussion QuestionConsider a popular supplement you andor y.docx
 
Discussion QuestionDiscuss opportunities for innovation and en.docx
Discussion QuestionDiscuss opportunities for innovation and en.docxDiscussion QuestionDiscuss opportunities for innovation and en.docx
Discussion QuestionDiscuss opportunities for innovation and en.docx
 
Discussion Question(s)Im interested in the role of women-- in t.docx
Discussion Question(s)Im interested in the role of women-- in t.docxDiscussion Question(s)Im interested in the role of women-- in t.docx
Discussion Question(s)Im interested in the role of women-- in t.docx
 
Discussion Question(s)Why do you think that Native Allies and Af.docx
Discussion Question(s)Why do you think that Native Allies and Af.docxDiscussion Question(s)Why do you think that Native Allies and Af.docx
Discussion Question(s)Why do you think that Native Allies and Af.docx
 
Discussion Question(This post must be at least 200 words.)What d.docx
Discussion Question(This post must be at least 200 words.)What d.docxDiscussion Question(This post must be at least 200 words.)What d.docx
Discussion Question(This post must be at least 200 words.)What d.docx
 
Discussion Question(s)What were the colonial misgivings about m.docx
Discussion Question(s)What were the colonial misgivings about m.docxDiscussion Question(s)What were the colonial misgivings about m.docx
Discussion Question(s)What were the colonial misgivings about m.docx
 
Discussion Question(s)The reading for this week was a grab bag o.docx
Discussion Question(s)The reading for this week was a grab bag o.docxDiscussion Question(s)The reading for this week was a grab bag o.docx
Discussion Question(s)The reading for this week was a grab bag o.docx
 
Discussion Question(s)Could Latin American reactions to the Bour.docx
Discussion Question(s)Could Latin American reactions to the Bour.docxDiscussion Question(s)Could Latin American reactions to the Bour.docx
Discussion Question(s)Could Latin American reactions to the Bour.docx
 
Discussion Question(s)Clearly there is potential for major probl.docx
Discussion Question(s)Clearly there is potential for major probl.docxDiscussion Question(s)Clearly there is potential for major probl.docx
Discussion Question(s)Clearly there is potential for major probl.docx
 
Discussion Question Week #1·         Discover which agencies, in.docx
Discussion Question Week #1·         Discover which agencies, in.docxDiscussion Question Week #1·         Discover which agencies, in.docx
Discussion Question Week #1·         Discover which agencies, in.docx
 

Recently uploaded

The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology  ( Production , Purification , and Application  ) Hybridoma Technology  ( Production , Purification , and Application  )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 

Recently uploaded (20)

The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology  ( Production , Purification , and Application  ) Hybridoma Technology  ( Production , Purification , and Application  )
Hybridoma Technology ( Production , Purification , and Application )
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions  for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions  for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 

Disaster and RecoveryBusiness Impact AnalysisSystem .docx

Disaster and Recovery
Business Impact Analysis
System Description/Purpose
Impact to business if degradation
Estimated Downtime
Resource Requirements.
Business Contingency Plan
Incident Response Policy
Purpose
Identifying and Reporting Incidents
Mitigation and Containment
Questions?
Overview
Shawn Kirkland
Purpose
Determine mission/business processes and recovery criticality.
Identify resource requirements.
Identify recovery priorities for system resources.
System Description/Purpose
Impact to business if degradation
Estimated Downtime
Resource Requirements.
Business Impact Analysis
Shawn Kirkland

Determine mission/business processes and recovery criticality. Mission/business processes supported by the system are identified and the impact of a system disruption to those processes is determined along with outage impacts and estimated downtime. The downtime should reflect the maximum that an organization can tolerate while still maintaining the mission.

Identify resource requirements. Realistic recovery efforts require a thorough evaluation of the resources required to resume mission/business processes and related interdependencies as quickly as possible. Examples of resources that should be identified include facilities, personnel, equipment, software, data files, system components, and vital records.

Identify recovery priorities for system resources. Based upon the results from the previous activities, system resources can more clearly be linked to critical mission/business processes. Priority levels can be established for sequencing recovery activities and resources.

This document is used to build the Dream Landing’s Database Server Information System Contingency Plan (ISCP) and is included as a key component of the ISCP. It also may be used to support the development of other contingency plans associated with the system, including, but not limited to, the Disaster Recovery Plan (DRP) or Cyber Incident Response Plan.
Operating System: Microsoft Windows Server 2008 R2
Application: Microsoft SQL Server 2008 Enterprise Edition
Hardware: Dell R720
Location: Server rack in the second floor server room.
Connection: System Administrator connects via local area network. Other users connect remotely
DR Method: 1 Full backup weekly and dailies every day. 3 hours after close of business.

System Description
Shawn Kirkland

The Dream Landing’s database server is comprised of Microsoft SQL Server 2008 Enterprise Edition installed and running on Microsoft Windows Server 2008 R2; this platform is housed on a Dell R720 server-class system. The database server is located in the server rack in the second floor server room. Local administrators connect directly through the local area network; other users connect indirectly through the web server. Daily snapshot backup operations are conducted every day 3 hours after close of business.

Impact

| Mission/Business Process | Description |
|---|---|
| Query customer record | Database retrieval of customer information (e.g. address, phone, payment information) |
| Store customer transaction | Recording of customer purchases and credits |
| Authenticate user name and password | Stored procedure verifying user credentials |

Jamarcus White

Impact values for assessing category impact:
Severe = $100,000
Moderate = $50,000
Minimal = $10,000

| Mission/Business Process | Minimal | Moderate | High | Severe | Impact |
|---|---|---|---|---|---|
| Query customer record | x | | | | Minimal |
| Store customer transaction | | | | x | Severe |
| Authenticate user name and password | | x | | | Moderate |

Estimated Downtime

| Mission/Business Process | MTD | RTO | RPO |
|---|---|---|---|
| Query customer record | 48 hours | 24 hours | 8 hours |
| Store customer transaction | 24 hours | 12 hours | 4 hours |
| Authenticate user name and password | 36 hours | 24 hours | 8 hours |

MTD
RTO
RPO
Jamarcus White

Maximum Tolerable Downtime (MTD). The MTD represents the total amount of time leaders/managers are willing to accept for a mission/business process outage or disruption and includes all impact considerations. Determining MTD is important because failure to do so could leave continuity planners with imprecise direction on (1) selection of an appropriate recovery method, and (2) the depth of detail which will be required when developing recovery procedures, including their scope and content.

Recovery Time Objective (RTO). RTO defines the maximum amount of time that a system resource can remain unavailable before there is an unacceptable impact on other system resources, supported mission/business processes, and the MTD. Determining the information system resource RTO is important for selecting appropriate technologies that are best suited for meeting the MTD.

Recovery Point Objective (RPO). The RPO represents the point in time, prior to a disruption or system outage, to which mission/business process data must be recovered (given the most recent backup copy of the data) after an outage.

Resource Requirements
Garrett Grey

| System Resource/Component | Platform/OS/Version (as applicable) | Description |
|---|---|---|
| Server-class System | Dell R720 | Rack-mounted system |
| Windows Server | 2008 R2 | Host operating system |
| Microsoft SQL Server | 2008 | Database management system |
| Database files | Latest, or latest snapshot if needed | Binary files containing data |

CEO consults department leads to consider time for recovery and determine need for business contingency.
CEO announces business contingency is in effect.
CEO works with local authorities to ensure human safety as needed.
Network managers and technicians move network operations to warm site.
IT managers and technicians assess ability to move existing systems to warm site.
IT managers and technicians requisition new equipment to be delivered to warm site as needed.
Technicians validate warm site's network infrastructure and telecommunications capabilities.
IT managers and technicians install/restore systems at warm site.
Technicians connect systems to warm site network.
Technicians update public domain name records.
Technicians inform customer service representatives of changes to telephone numbers, public IP addresses, etc.
Customer service representatives contact customers with new contact information.

Business Contingency plan
Garrett Grey

Try to summarize this the best you can. Don’t read word for word as that will bore the planet into sleeping. Use the imagination.

Purpose
Scope
Definitions
Incident Response Policy
Garrett Grey

Just say “In the IR Policy we have Purpose, Scope, and Definitions.” This slide is just for show really.

Purpose
Scope
Definitions
Information Systems
Security Incident
Physical Security
Purpose
Dallas Jones

1.2 Purpose
The purpose of this policy is to lay out protocols and guidelines on how to effectively respond to incidents or events that affect the computers, data, or networks of Dream Land Department of Information Resources.

1.3 Scope
This policy explicitly applies to all departments and individual users of Dream Landing. Users who travel remotely and VPN into the main office shall also adhere to this policy. Any individual who has been issued an electronic or compute device, which includes cell phones, pagers, PDAs, iPads, and Android devices, maintains a fiduciary obligation to this organization. All networking resources, including servers, PCs, switches, routers, firewalls, and additional compute equipment, are included within this policy.

1.4 Definitions
Information Systems: defined as computers/mainframes that are used for collecting, storing, and processing data and delivering information. The primary operating system used for this information system is Microsoft Operating System (OS). Servers are also defined as information systems because they provide resources to be utilized by employees of Dream Land organization and external users.

Security Incident: defined as an event in which there is a diversion from the normal security regulations. This includes the unintentional disclosure or compromise of data, or an unauthorized activity that disrupts the confidentiality, integrity, and/or the availability of Information systems.
Physical Security: physical protocols put into place to prevent human intrusion into a secure or confidential area. These protocols include key-pads, dead-bolt lock doors, security cameras, and personnel.

Employees
IT Technicians
Severity Levels
Level 1
Level 2
Level 3
Level 4
Identifying and Reporting Incidents
Dallas Jones

i. Employees: In the event of a Security incident, including suspicious events, all users must report promptly to the Computer Security Incident Response Team (CSIRT)/IT Technician, and/or company owner for issues relating to, but not limited to, worms, viruses, spyware, malware, denial of service attacks, or other unusual encounters.
ii. IT Technician: The IT Technician must examine and determine if the attack is real and designate a severity level. If the severity is of significant level to alert and seek additional CSIRT support, the IT Technician will do so. The technician may also contact the CERT Coordination Center, which has the most recent information on viruses and worms.

Severity Levels
a) Severity Level One: a security incident that is detected on an internal system and that can be handled by anti-virus software (AVG)
b) Severity Level Two: small numbers of system probes detected on external systems
c) Severity Level Three: if a penetration or denial of service attempt(s) with limited impact on operations is detected and anti-virus software cannot handle it, this severity should be used because of potential risk to finances and public relations.
d) Severity Level Four: a threat to public safety or life

Eradication
Restoration
Log Of Security Incident
Annual Report
Mitigation and Containment
Dallas Jones

Eradication & Restoration
i. Eradication: Once the origins of the problem are identified, all malicious code and corrupting Security incidents are removed. The magnitude of damage must be assessed and a plan of action prepared and communicated to the appropriate parties.
ii. Restoration: Once the above protocols are taken care of and upon authorization by the CSIRT/IT Technician and owner, the availability of affected systems, devices and network can be restored.

Documentation
i. Log of Security Incident: CSIRT/IT Technician shall maintain a log of all Security Incidents recording the date, time of recognition, the affected computer or device, a summary of the intrusion and the corrective measure taken to solve the issue.
ii. Annual Report: CSIRT/IT Technician shall report annually to the CEO providing statistics and summary-level information about significant incidents reported, and provide recommendations to mitigate known risks.

Questions?

CONTINGENCY PLAN POLICY

PURPOSE
The Contingency Plan is established to reduce the threat of theft, fraud and misuse of company resources through detailed procedures that provide guidelines for the notification, documentation, evaluation and assessment, monitoring and auditing, training, and response and recovery relating to all information security incidents that impact the confidentiality, integrity, and availability of Dream Landing Information Data and related networks.

The Contingency Plan is established to reduce the threat of theft, fraud and misuse of company resources through detailed procedures that provide guidelines for the notification, response, and recovery of incidents from all threat levels that impact the confidentiality, integrity, and availability of Dream Landing Information Data and related networks.

To ensure the protection of all shareholders and informational assets, strict adherence and enforcement of the plan is mandatory. In order to maximize effectiveness and success of normal operations, the plan will assign roles and responsibilities to both management and subordinates, set rules and regulations that govern all activities, designate resources necessary for the plan’s implementation, and outline procedural steps to ensure internal and external coordination.

ORGANIZATIONAL POSITION
Dream Landing has a legal and professional responsibility to its shareholders to protect all sensitive, personal, and private information. In order to fulfill this obligation, proactive measures, timely responses, and immediate restoration of critical business activities must be in compliance with Federal and State laws.

APPLICABILITY/SCOPE
All functions, resources, and operations of Dream Landing are subject to the guidelines and provisions of this policy. The following Dream Landing information assets and networked systems are subject to this policy: Lenovo Desktop PCs, Laser Jet Printers, Dell Servers, Easy Book Travel Booking Software, Heartland America Co Payment client-server interface, Windows Server 2008 Network Operating System, Gmail, SME Light HR Tools, and Office Pro Security. Directors, officers, and employees, including contractual employees, third party vendors and the secondary affiliates of third party vendors who use, access, handle, and maintain company software/hardware are subject and subordinate to the terms of this policy.

RESPONSIBILITY
It is the responsibility of Dream Landing, under the direction of the Information Security Officer (ISO), Mr. Chen, in conjunction with the IT Technician and Privacy Officer (PO), Matt Dudley, to define, implement, administer, enforce, and monitor all procedures outlined throughout the Contingency Plan (CP). Mr. Chen periodically reviews, evaluates, and tests the plan for updates, changes and modifications and ensures compliance within applicable Federal and State laws. The ISO, Mr. Chen, directs all actions taken by staff, personnel, contractors, and vendors in response to security incidents.

All employees will comply fully and completely with the policy and procedures detailed in this document, to include: reading and learning the material outlined in the CP Handbook/Manual, thereby ensuring their ability to thoroughly carry out each articulated step in the IR plan, attend training, report incidents, perform routine safeguards, and follow the directives of the ISO/PO as instructed.

The Human Resources Department, Legal Counsel, and Office of Public Relations will work in coordination with the ISO/PO to ensure compliance with all Federal and State Laws, Privacy Rights Rules and Regulations, with special consideration for Public and Community Interests.

In summary, it is the responsibility of all shareholders to know, enact, and comply with all policy, procedures, rules, and regulations of the Contingency Plan, report all incidents of security threats/breaches, and to periodically attend training on all elements of the plan.

Reporting Structure
The ISO is the Primary Director of the plan, to whom all are subordinate.
The PO is Secondary to the ISO, to whom he directly reports.
All employees, contractors, vendors, and business partners are subordinate to the ISO/PO, to whom they directly report.

ASSESSMENT AND EVALUATION
The ISO and the PO are responsible for testing and validating the plan. Testing shall be administered semi-annually. The testing shall include risk assessment and a business impact analysis performed by the CPMT. The purpose of this testing is to ensure that the shareholders of the company are knowledgeable and capable of performing assigned tasks in accordance with the contingency plan. It is also to ensure that the plan effectively identifies and minimizes threats, details and characterizes the appropriate responses, and allows the restoration of all normal operations within a reasonable time.

CONTINGENCY PLAN POLICY
The CP team composed of the ISO, Mr. Chen, and the PO, Matt Dudley, will define, implement, administer, enforce, monitor, develop, test, and maintain the Dream Landing Contingency Plan. The plan should contain the following:
Identity of all mission critical applications, ranked according to their priority and maximum permissible outage.
Provide an inventory of all hardware and software that comprise the network system.
Schedule frequency of all application, data, software, and database backups.
Identify where backups are stored and who has access.
Identify the roles and responsibilities of all stakeholders.
Identify the name, contact information, and service provided by all third party vendors.
Set and establish procedural steps in the preparation, address, and remediation of identified security threats.
Detail and establish standards of appropriate use and security measures for all hardware, software, and data assets.
Detail and establish the notification, documentation, and reporting process for all security incidents.
Detail and establish testing, monitoring, and evaluation procedures for the contingency plan.
Provide for the training on all details of the Contingency Plan to all stakeholders.
Empower the necessary internal departments to make available their services and coordinate activities with the committee in the administration and facilitation of the Contingency Plan, to include the HR, Legal, and Public Relations Department.

COMPLIANCE
All stakeholders that process applications critical to the performance of Dream Landing's mission are subject to the technical and operational requirements set by the PCI Security Standards Council that ensure the protection of customer/client data in the processing of credit card payments through routine inventory of IT systems and processes for credit card payments, the remediation of any known vulnerabilities in the services provided, and full compliance reporting to the respective banks and card companies with which we do business.

SUPPLEMENTAL INFORMATION
Third party vendors, who are equal stakeholders in the CP, are as follows:
BUSINESS / SERVICES PROVIDED
SME Light: Human Resources/Payroll/Taxes C/S
Office Pro: Security Upgrades (to SME Light)
Charter Communications: Internet, Phone
SaaS Solutions: Easy Book Travel Booking
Heartland American Co.: Credit Card Payments
Google: Email
ADT: Building Security

POINTS OF CONTACT
Information Security Officer: Mr. Chen, xxx-xxx-xxxx
Privacy Officer: Matt Dudley, xxx-xxx-xxxx

BUSINESS IMPACT ANALYSIS

OVERVIEW
This Business Impact Analysis (BIA) is developed as part of the Dream Landing Contingency Plan.

PURPOSE
This report will identify essential business functions of Dream Landing and provide recovery objectives and service restoration priorities necessary in the event of information asset disruption, compromise or failure.

SYSTEM DESCRIPTION
Dream Landing uses 8 Lenovo desktop computers and an HP multifunction printer connected to a Dell server via a 1GB Ethernet LAN. A cable modem provides 30 Mb/sec connectivity via the company’s Internet Service Provider, Charter Communications. Dream Landing leases a comprehensive travel booking software, Easy Book, from the SaaS