Disaster Recovery Plan Template Business Continuity

DRP BCP Template

ISO 27000, SOX, PCI-DSS & HIPAA Compliant

The Standard for Disaster Recovery and Business Continuity - Over 3,000 Companies World Wide have chosen this DRP/BCP Template

     

In most organizations, DR is the quintessential complex, unfamiliar task. Disasters happen so rarely that recovery operations are the opposite of routine. What's more the myriad, interconnected data, application and other resources that must be recovered after a disaster make recovery an exceptionally difficult and error-prone effort. Even if you have never built a DR plan before, you can achieve great results. Just follow the DR Template that Janco has created and you will have a functioning plan before you know it.

All Business Continuity / Disaster Recovery plans need to encompass how employees will communicate, where they will go and how they will keep doing their jobs. The details can vary greatly, depending on the size and scope of a company and the way it does business. For some businesses, issues such as supply chain logistics are most crucial and are the focus on the plan. For others, information technology may play a more pivotal role, and the Business Continuity / Disaster Recovery plan may have more of a focus on systems recovery.

But the critical point is that neither element can be ignored, and physical, IT and human resources plans cannot be developed in isolation from each other. (In this regard, Business Continuity / Disaster Recovery has much in common with security convergence.) At its heart, Business Continuity / Disaster Recovery is about constant communication.

Janco's Disaster Recovery Plan (DRP) is that tool which can be used as a Disaster Planning template for any size of enterprise. The Template and supporting material have been updated to be Sarbanes-Oxley and HIPAA compliant. The template comes as both a Word document and a static fully indexed PDF document. The DRP/BCP Template includes:

• Disaster Recovery Plan and Business Continuity Template (WORD and PDF)
• Business and IT Impact Analysis Questionnaire
• Work Plan
• Disaster Recovery / Business Continuity Audit Program
• Pandemic Planning Checklist
• Incident Communication Plan and Policy

Preparation for Disaster Recovery / Business Continuity in light of SOX has two primary parts. The first is putting systems in place to completely protect all financial and other data required to meet the reporting regulations and to archive the data to meet future requests for clarification of those reports. The second is to clearly and expressly document all these procedures so that in the event of a SOX audit, the auditors clearly see that the DRP exists and will appropriately protect the data.

 

 

Included in the Disaster Recovery Business Continuity Template are:

• Backup & Backup Retention Policy
• Disaster Recovery Audit Program
• Compliance with the ISO 27000 Series Standards (formerly ISO 17799 now ISO 27001 & ISO 27002), Sarbanes-Oxley, PCI-DSS, and HIPAA
• Web Site Disaster Recovery Planning Form
• Project Status Report Form
• Personnel Location Report
• Department Disaster Recovery Activation Workbook
  • Quick Reference Guide
  • Team Alert List (Form)
  • DRP Team Responsibilities
  • DRP Team Checklist
  • Critical Function(s) Definition
  • Normal Business Hour Response Procedures
  • After Hours Response Procedures
  • DRP Location(s) Definition
  • DRP Recovery Procedures
  • Notification Procedures
  • Notification Call List (Form)
• Updated Business and IT Impact Analysis Questionnaire
• Vendor Disaster Recovery Questionnaire
• Vendor Phone List Form Updated
• Key Customer Notification Form
• Critical Resources to be Retrieved Form
• Business Continuity Off-Site Materials Form
• Business Continuity Audit Program

DRP BCP Template General Description

The DRP template is over 200 pages and includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement.  The electronic document includes proven written text and examples for the following major sections of a disaster recovery plan:

• Plan Introduction
• Business Impact Analysis - including a sample impact matrix
• DRP Organization Responsibilities pre and post disaster - DRP / BCP checklist
• Backup Strategy for Data Centers, Departmental File Servers, Wireless Network servers, Data at Outsourced Sites, Desktops (In office and "at home"), Laptops and PDA's.
• Recovery Strategy including approach, escalation plan process and decision points.
• Disaster Recovery Procedures in a check list format
• Plan Administration Process
• Technical Appendix including definition of necessary phone numbers and contact points
• Job Descriptions
  • Disaster Recovery Manager
  • Manager Disaster Recovery and Business Continuity
  • Pandemic Coordinator
• Work Plan to modify and implement the template. Included is a list of deliverables for each task. (Risk Assessment and Vulnerability Assessment)

There is a extensive section that shows how a full test of the DRP can be conducted.  It includes

• Disaster Recovery Manager Responsibilities
• Distribution of the Disaster Recovery Plan
• Maintenance of the Business Impact Analysis
• Training of the Disaster Recovery Team
• Testing of the Disaster Recovery Plan
• Evaluation of the Disaster Recovery Plan Tests
• Maintenance of the Disaster Recovery Plan

Click on the link below to get the DRP/BC sample pages now and make it part of your disaster recovery toolkit.

Backup Matrix - Sample from Template

---

Testimonials

Testimonial - Dave Baker - City of Hamilton -I have found the DRP template invaluable!

Testimonial - Bob Rifenbury -MCSE/CCNA Launch Testing Lab -The DRP Template saved me about 6 months of work!

Testimonial -  Kelly Keeler - Martin's Point Health Care -I have received and I began using the template immediately. IT IS GREAT! Made this process a snap for me. Cut my documentation time down from.  weeks to hours! This document has made, what began to be an overwhelming process turn into a snap!

Testimonial - Juan Stamos - Mexico City Corporation -We had a DRP in place, but needed a more user friendly structure.  The Disaster Recovery Template (Gold edition) has that structure.  It was very easy to quickly move our DRP into Janco's DRP Template -- a real added value.

---

This template is not for resale or re-distribution - Disaster Plan Template, Disaster Recovery Planning Template Disaster Recovery Template, Disaster Recovery

 

 

 

 

 

Disaster Recovery / Business Continuity - DRP / BCP News

---

Art of business continuity is balancing cost,availability, and time

Finding the right balance of features and price to meet your RPO and RTO is one of the most critical things you can do to protect your business. For IT system continuity, there are three solution categories: backup, high availability, and disaster recovery.

• Backup means keeping your data safe; in this situation, RPO is more critical than RTO.
• High availability means keeping your critical applications and data online; a high availability solution is required for high RPO and RTO.
• Disaster recovery is the ability to recover data in case the production system is damaged, is destroyed, or becomes unavailable for an undeterminable period of time. A comprehensive disaster recovery solution that can restore data quickly and completely is required to meet low RPO and RTO thresholds.

more info

---

Disaster Planning for international enterprises

Disaster recovery and business continutiy plans for internationaly base organizations need to take in to account limitiations that various counties place on location of data.

Many parts of Europe forbid some data from being transmitted or stored outside of the country. Canada also has some rules that prohibit some data being stored in the United States due to the U.S. Patriot Act's provisions that let the federal government examine corporate records.

It's important to note that the legal issues are local to where your customer resides. You have to understand the laws and make sure that personally identifiable data and some financial records are kept local if required by the law.

This could be an issue as cloud computing systems become more distributed. Indeed, while the primary facility may be in-country, the failover site, or perhaps the site used when the primary site is under maintenance, could be across the border and, thus, noncompliant.

more info

---

Business process contingency plan is disaster recovery plan

A disaster recovery plan (DRP) - sometimes referred to as a business continuity  plan (BCP) or business process contingency plan (BPCP) - describes how an organization is to deal with potential disasters. Just as a disaster is an event that makes the continuation of normal functions impossible, a disaster recovery plan consists of the precautions taken so that the effects of a disaster will be minimized and the organization will be able to either maintain or quickly resume mission-critical functions. Typically, disaster recovery planning involves an analysis of business processes and continuity needs; it may also include a significant focus on disaster prevention.more info

---

Cost of Disaster Recovery Backup Is High For Many Enterprises

The need for de-duplication is increasing for many organizations as they gather ever-growing volumes of data. At the same time, they are looking for ways to reduce storage costs, improve efficiencies and provide adequate disaster recovery capabilities. The key benefit is the ability to lessen the Total Cost of Ownership (TCO) of storage hardware by eliminating redundant blocks of data and then allowing organizations to replicate that data -- if required -- to a second system for offsite storage. That can remove the need for tape. Data de-duplication not only allows companies to reduce the disk space needed for backup and restore, but it can increase performance and reliability while reducing demands for rack space, power and cooling. Further, it can reduce the bandwidth requirements for data transfer by 90 percent or more.

more info

---

The Difference Between Disaster Recovery Planning and Business Continuity Planning Defined

Disaster Recovery Planning (DRP) is the process by which you resume business after a disruptive event.  This typically means that you can get the enterprise computers, networks, and data base operational. The event might be something huge-like an earthquake or the terrorist attacks on the World Trade Center-or something small, like malfunctioning software caused by a computer virus.

Given the human tendency to look on the bright side, many business executives are prone to ignoring "disaster recovery" because disaster seems an unlikely event. However Janco has found that over one third of all enterprises have had to activate their Disaster Plans in the last few years.

Business Continuity Planning (BCP) suggests a more comprehensive approach to making sure you can keep the enterprise going and meet it business objectives. This goes beyond the enterprise computers, networks and data bases.  However, the two terms are married under the acronym DR/BC or DRP/BCP. At any rate, Disaster Recovery Planning and/or Business Continuity Planning facilitate how a company will keep functioning after a disruptive event until its normal facilities are restored. 

more info

---

Testing business continuity plan key to success

In order to virtually eliminate the chances of the plan failing to work an in-depth test should be carried out at least once a year; this would not only ensure that everything works at the technology level (including any new elements of the IT environment) but it also helps new staff become familiar with the various steps needed to keep the business protected. But testing and the resulting changes can take time so in order to minimize disruption it should be performed at times when the organization is less busy, for example over the holidays.

Businesses aiming for a watertight strategy should have detailed documentation of the plan and policies so that it can be shared between relevant staff and passed from incumbent to new employees. They could also make a full time employee responsible for the company’s business continuity strategy, someone who knows its every aspect inside out, from data security and recovery, to communications networks and SLAs. For a belt & braces approach, if budget allows, a secondary backup system could be deployed where an additional data centre or site with mixed storage media would provide an extra layer of protection depending on the scale of the disaster.

It goes without saying that every company, regardless of size, needs a concise business continuity plan in case of an emergency. If you don't have a disaster recovery plan or haven't updated yours recently, now is the time to take this critical step to protect your business.

At the same time there are more security requirements that need to be met.  With mandated requirements like Sarbanes-Oxley, HIPAA, PCI-DSS, and ITIL, executive management is depending on you to have the right security policies and procedures in place.

more info

---

DRP Backup Solutions

To plan your data protection solution appropriately, you must first understand the type of technology environment that you are running. Consider the following:

• Direct attached storage (DAS): The simplest backup and restore environment, DAS usually consists of a standalone tape drive or an autoloader attached directly to the server that it is protecting. Businesses that operate DAS usually require backups only daily and/or weekly, maintain only a few (one or two) networked servers on each network and do not use online business-critical operations.
• Network backup: LAN/SAN-based backup storage uses devices that are managed centrally from a single console through a single backup server, reducing hardware costs, and management time. Businesses that operate LAN/SAN-based backup usually require continuous, business-critical operations as well as hourly or daily backups; have multiple networked servers; and can run multiple operating systems.

more info

---

Business continuity planning for a Pandemic

Larger corporations typically can continue business as usual even while many employees are out sick in a Pandemic.  However Business Continuity Planning  at small firms rely heavily on key individuals and find themselves nearly incapacitated if several of those key people get sick, must stay home with sick children, or are in areas put under quarantine.

 

• Phone Trees

At a minimum, small business owners should update employees' contact information to include current home phone numbers and addresses, e-mail addresses, and cell phone numbers. Some employers establish phone trees so they can efficiently contact all their employees to check on and alert them during an emergency.

Another vital component to a business continuity plan is to collect contact information, including cell phone numbers, for their suppliers, vendors, and key customers. Keep this information in print and online, and store copies off-site in case you can't get into your office.

A host of legal and medical questions may arise for small business owners if swine flu roars back with a vengeance this fall.

Imagine you run a small business like a day-care center, where vulnerable children congregate and colds and flu are prevalent. Do you close and send your entire staff and all children home at the first sign of any flu? Do you send home only sick children and sick staff? When? When do you reopen or allow them to return? What information and medical clearance would you need to send staff or children home, allow them to return, close, or reopen the center? These are not easy questions.

• Backup Staff

Janco recommends that companies prepare for operational disruptions by doing employee cross training or lining up backup staff now. Employers should review and enhance existing emergency disaster plans to ensure business continuity. Employers that are just getting started should develop a plan that includes pandemic preparedness, and review it and conduct drills regularly. A checklist for flu policy is posted at the government's flu awareness Web site.

Aside from preparing and practicing for pandemic, small business owners may want to check with their attorneys for advice on unusual situations -- What do you do with employees who are medically vulnerable to the flu or those with young children or elderly relatives at home? Do you send them home? When and for how long? With pay?

• Paid Sick Leave?

The federal Family Medical Leave Act provides eligible employees with up to 12 weeks of unpaid leave to care for themselves or sick family members. Generally, FMLA regulations do not cover flu absences unless complications arise, but courts recently have interpreted the FMLA to mandate leave for the flu and other viral infections.

However, the federal law does not cover firms with fewer than 50 employees. Small employers usually do not have to provide sick leave, so it is a surprise to many employees that they are not entitled to any sick leave, much less any paid sick leave.

Another question for your human resources manager and/or attorney is what communications responsibility you have as a business owner if one of your employees is diagnosed with swine flu. There are health confidentiality and privacy issues for employees, so employers should not disclose personal health information. But employers do not want a modern day Typhoid Mary spreading swine flu at work. If there is an employee with confirmed swine flu, some employers are alerting employees that there may be swine flu exposure at work without identifying the involved employee.

You might need to think about giving an infected person's immediate co-workers enhanced sick leave to protect themselves or family members, particularly if they have particular medical vulnerability to the illness, he says. Some employers bring in cleaning crews to disinfect an office where swine flu has been found. Providing hand disinfectant for employees is not a bad idea.

more info

News Feed   Safe Shopping Copyright © 1999 - Copyright - Janco Associates, Inc. - ALL RIGHTS RESERVED