---

Quality Assurance and Control Bundle

Defining quality means developing expectations or standards of quality. Standards can be developed for inputs, processes, or outcomes; they can be clinical or administrative. Standards can be applied at the level of an individual, facility, or an enterprise. A good standard is explicit, reliable, realistic, valid, and clear. Standards of quality can be developed according to the Dimensions of Quality and should be based on the best scientific evidence available. Stakeholder (including client and community) expectations of quality should also be incorporated in the definition of quality standards. Defined standards or definitions of quality are prerequisites for measuring quality. If standards don’t exist, they must be designed. Although standards are context-specific, universally accepted standards are often a good starting point for developing local standards.

To achieve these goals for Information Technology Janco has combined some of its most popular products to help CIO and IT organizations to meet the most stringent Quality Assurance and Control Standards.

     

The Quality Assurance and Quality Control Bundle includes:

• IT Infrastructure Template - Included with the template are a HIPAA Audit Program Guide and an ISO 27001 and ISO 27002 Security Process Audit Checklist.  The Template is over 125 pages in length (the full table of contents can be downloaded by clicking on the link above) and the topics covered include:
  • IT Infrastructure, Strategy, and Charter Summary
  • Strategy and Charter Statement of Authority
  • IT Management Structure
  • Compliance
  • Personnel Practices
  • Controls
  • Application Development Standards
  • Service Requests
  • Local Area Network
  • Back-up and Recovery
  • Disaster Recovery Plan
  • Security
  • Access Control - Physical Site
  • Access Control - Software and Data
  • Facility Requirements
  • ISO 27001 & ISO 27002 Audit Checklist
  • HIPAA Audit Program
  • Full Job Description for CIO large enterprise
  • Full Job Description for CIO small enterprise
    
    
• IT Service Management Template -The IT Service Management Policy Template is a 130 page document that contains policies, standards,  procedures and metrics that comply with version 2 and 3 of the ITIL Standard.  Chapters of the template include:
  • Service Requests Policy
  • Service Request Standard
  • Help Desk Policy
  • Help Desk Standards
  • Help Desk Procedures
  • Help Desk Service Level Agreement
  • Change Control Standard
  • Change Control Quality Assurance Standard
  • Change Control Management Workbook
  • Documentation Standard
  • Application Version Control Standard
  • Version Control Standard
  • Internet Policy
  • e-Mail Policy
  • Electronic Communication Policy
  • Blog & Personal Web Site Policy
  • Travel and Off-Site Meeting
  • Sensitive Information Policy
    
    
• Security Policy Template - Security Manual for the Internet and Information Technology is over 220 pages in length. The Security Manual template includes both the Business & IT Impact Questionnaire and the Threat & Vulnerability Assessment Tool (both were redesigned to address Sarbanes Oxley compliance).
  
  
• Disaster Recovery Template - The DRP template is over 200 pages and includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement.  The electronic document includes proven written text and examples.
  
  
• Record Management, Retention, and Destruction Policy - The Record Management, Retention, and Destruction policy is a detail template which can be utilized on day one to create a records management process.  Included with the policy are forms for establishing the record management retention and destruction schedule and a full job description with responsibilities for the Manager Records Administration.
  
  

     

 

 

 

 

 

 

Quality Assurance and Control News

---

Data Center Recovery Articles

Readings that will help you in creating a Data Center Recovery Strategy:

• Options for a data center disaster recovery strategy  Data Center disaster recovery strategy – options A critical component of a disaster recovery business continuity is the data center disaster recovery strategy — Hot...
• Top 10 Infrastructure Issues that CIOs need to include in IT Strategy  Janco's Top 10 Infrastructure Issue List Top 10 issues that need to be included in every CIO's technology infrastructure strategy: Users will not be centrally...
• Google data center security & disaster recovery  This is a great video on physical security as well as the the software security. This is a great primer which all CIOs and Data...
• 10 Backup Best Practices supplementing a disaster recovery and business continuity solution with the cloud  10 Backup best practices -  supplementing a disaster recovery and business continuity back-up solution with the cloud Backup best practices are used by many CIOs...
• Modular data center – options for backup site  Modular data centers have come a long way. Modular data centers have been in use by the government since the 1960s. Now they are commercially...

 

- more info

---

Disaster Recovery Business Continuity Articles

Disaster Recovery Business Continuity Articles

 

- more info

---

Disaster Plans need to be updated

Disaster Plans need to be update for as Windows XP is reaching the ending of life - it will no longer be supported. 

Recently Microsoft made the unsurprising announcement that as of 8th April 2014 they will no longer provide updates or security patches for Windows XP.

Organisations still using the 12 year old technology will be required to replace XP with a new operating system, most likely Windows 7. This change could come at considerably effort and cost and if not appropriately managed and co-ordinated could cause significant impact to the business.  For example;

• Windows 7 Software licences will need to be purchased and installed
• Existing PCs, laptop and servers may not be Windows XP compatible and will require upgrade or replacement
•  Legacy applications that are no longer supported may not continue to operate in a Windows 7 environment and would require development changes or in extreme cases complete replacement
• Existing data may need to be converted to alternative formats to ensure it can still be safely backed up, verified and restored in the event of a business continuity or disaster recovery event.

 

- more info

---

Data Backbone of Disaster Recovery

Data is the backbone of every organization. No matter the business, industry, or size, reliable data access is essential to operations. As that data continues to grow exponentially, it is important to have a backup and recovery strategy that meets current business needs and has the flexibility to grow and change.

 

Follow us at https://twitter.com/@itmanagercio

 

Protecting your data is vital to the survival and growth of your business. You must keep your systems and employees up and running - and productive - even as fast backup and restore processes are being completed. And, should a "worst-case scenario" occur, being prepared with an appropriate disaster recovery plan is essential.

 

The Disaster Recovery Plan (DRP) can be used as a Disaster Planning template for any size of enterprise. The Disaster Recovery template and supporting material have been updated to be Sarbanes-Oxley and HIPAA compliant.

- more info

---

Will your disaster recovery provider be in business when you need them?

What if your were in Florida and the Hurricane season was in full swing and your provider went out of business. Would you have the time to move to a new provider and test your solution before you need to execute your plan?

For example, earlier this year Google decided to close its Message Continuity service. Google gave most clients a reasonable timescale to find an alternative supplier, allowing existing Message Continuity contracts to run until their contacts expired.  What if that was the communication solution you had selected for communicating with your staff?  Would you be able to implement, test, and communicate a new one on time.

Another example was the news that Doyenz, the US-based supplier of rCloud, a service which offers disaster recovery for physical and virtual servers, had decided to pull the plug on its UK operations. Clients were given not weeks or months but days to respond and to find a new supplier.

CIOs and IT managers all need to consider all of the possibilities when developing and testing their disaster recovery plans.

 

- more info

---

Disaster Recovery Misconceptions

Disaster Recovery -  What are the major misconceptions when a disaster occurs with IT systems? Can your systems can not support your company’s day-to-day operations?

 

The major misconception is that a backup recovery plan is all that you need.  At Janco Associates that is not enough.  We have found that most companies are really not prepared.  Files can be restored but it does no good if they do have facilities for their staffs.

1. Disaster Recovery and Business Continuity Top 10 “Disaster Recovery and business continuity are all about being ready for everything.  The question that every IT manager and CIO has to answer every day...
2. Google data center security & disaster recovery  This is a great video on physical security as well as the the software security. This is a great primer which all CIOs and Data...
3. Meeting ISO 27031 Requirements Meeting ISO 27031 Requirements ISO 27031 The ISO Standard defines the Information and Communication Technology (ITC) Requirements for Business Continuity (IRBC) program that supports the...
4. Will your disaster recovery provider be in business when you need them? Disaster Recovery plans that depend on outsourcers face significant additional risk What if your were in Florida and the Hurricane season was in full swing...
5. IBM Business Continuity Plan Services  Business Continuity Services Video Business continuity video is good overview of what IBM thinks about this...

 

- more info

---

Weather Issues Impact Business Continuity Plans

Weather needs to be considered when business continuity plans are developed.

 

1. Disasters Caused by Weather Affect South the Most  Disasters as Hurricane Sandy showed, weather can have extensive and long lasting affects.  Sandy now has entered the North East in the Billion Dollar Weather...
2. Blizzard 2013 Blizzard 2013 to test many business continuity plans In the aftermath of the Blizzard 2013, which disrupted transportation, power, internet, phone and numerous other technical...
3. Disaster Planning for Weather Related Events  Disaster Planning steps to follow for weather related events Disaster Planning is a must given the changing weather and climate. As it has been recently...
4. Disaster Recovery and Business Continuity Top 10 “Disaster Recovery and business continuity are all about being ready for everything.  The question that every IT manager and CIO has to answer every day...
5. Business Continuity Plan Has to be in Place Now  Business continuity plan is something that every organization needs to have in place before a disaster happens.  Every day somewhere in the world disasters are...

- more info

---

Requirements of a basic disaster recovery plan

Effective operations management requires clear, concise recovery execution or automation, enabling staff members to execute the same tasks and achieve similar results. In particular, an effective disaster recovery plan must address three key goals:

• Minimize downtime: The consequences of extended downtime can be severe, not only in terms of lost business and lost productivity, but even in terms of survival for small organizations.
• Minimize risk: Not having a disaster recovery plan often constitutes an unacceptable level of risk - but simply having a disaster recovery plan in place does not eliminate risk if its reliability is uncertain.
• Control costs: Traditional disaster recovery plans are often limited in scope because of the costs associated with building and maintaining a recovery site, training staff members in disaster recovery processes, testing those processes, and so on.

 

- more info

---

ISO22301:2012 - Standards definition

ISO22301:2012 (Societal Security - Business Continuity Management System - Requirements) is the international standard for business continuity within organisations and defines the specification and best practice for implementing a robust business continuity management system. Published in May 2012, ISO22301 replaces the BS25999 standard which will be withdrawn in 2013.

- more info

---

Is this years flu the start of a pandemic

In disaster planning when a pandemic occurs the data center exists but people often are in separate locations. The Disaster Planning and Business Continuity Planning processes need to make the user and business operating experience is as similar as possible so that the work environment is the same in the remote site (often home) as in the office.

- more info