Bus Cont Plan&Disas Recov Plan 2
Select a major organization that was located in the Hurricane Katrina disaster area. Research their experiences and prepare a report detailing the unexpected challenges the organization encountered in returning their operations to normal. Give suggestions on what might be added to the organization’s contingency plan to mitigate those unexpected challenges.
Write a 1-2 page paper. Assignment should follow all APA rules and include a min. of (1) citation/reference.
Chapter 3: Evaluating Risk
Terms
Risk
How likely this is to happen and how badly it will hurt.
Disaster
An event that disrupts a critical business function
Business Interruption
Something that disrupts the normal flow of business operations.
Attributes of Risk
Risk
Predictability
Location
Impact
Advanced Warning
Time of Day
Scope
Day of Week
Likelihood
Risk Analysis
Process that identifies the probable threats to your business
Analysis used as basis for assessment later in the process
Assessment compares risk analysis to what you have in place
Begins with determining what are essential functions to business
Scope
Determined by the potential damage and/or cost
Cost of downtime
Cost of lost opportunity
Five Layers of Risk
External Risk
Risk to local facility
Data systems
Individual department
Own workstation
External Risk
Natural Disaster
Fire
Hurricanes
Storms
Earthquake
Tornado
Civil Risk
Riots
Labor Disputes
Manufactured Risk
Industrial Sites
Transportation
Facility-wide Risk
Electricity
Telephones
Water
Climate Control
Data Network
Data Systems
Data Communication Network
Telecomm System
Data Systems
Shared computers and LANs
Viruses
Departmental Risk
Key Operating Equipment
Lack of Data Systems
Vital Records
Desk’s risk
Determine Tools Used
Locked Down?
Severity of Risk
Time of Day
Day of Week
Location
Making the Assessment
Scoring
Sorting
Analyze the data
Summary
Determine cost of downtime
Identify risks at five layers
Determine impact of risk
Identify outside sources
Prioritize risks
Chapter 4: Selecting a Strategy
Recovery strategy
Main purpose is to restore vital business functions
Restore to minimum acceptable level of service
Selecting a strategy
Trade off between time and money
Maximum recovery time = recovery time objective (RTO)
Craft a strategy for each significant area
Recovery Point Objective (RPO)
Amount of data that may be lost since last backup
Time
Distance
Recovery options
Recover in a different company site
Subscribe to a recovery site
Wait until disaster-locate empty space
IT recovery strategy
Environmental conditions
Infrastructure
Applications
Data
Recommended it recovery strategy
Second company site
Second site facility set-up
Offsite data backup
Work area recovery strategy
New location far enough away – not affected
Alternate communications for legacy systems
Pre-printed forms for legal or business reasons
Pandemic strategy
Plan to continue operation at a level that permits it to remain in business
Plan will be in operation for 18-24 months
Business continuity strategy
Customers never notice interruption in service
List critical processes identified in BIA
Draft a process map
Identification of steps to eliminate
Draft a risk assessment
Draft end-to-end recovery plan
summary
Selecting a strategy is an important step
Look at how quick one can recover
Determine amount of data a company can afford to lose
How much security the company can afford