
Sarbanes-Oxley
Compliance Auditing Tools
Sarbanes-Oxley challenges the Information Technology function with requirements that impact day-to-day activities.
SOX compliance monitoring and auditing tools put in place the infrastructure needed by every enterprise that must comply with the requirements of this and other mandated security needs. Each of the components in this tool kit is easy to implement and meets the most stringent needs that you face.
- Security Audit Program - Contains over 400 unique tasks divided into 11 areas of audit focus, which are then divided into 38 separate task groupings. The audit program is one that either an external auditor or an internal auditor can use to validate the compliance of Information Technology and the enterprise with ISO 27000, Sarbanes-Oxley, HIPAA, and PCI-DSS. The results are posted to a 22-page Excel worksheet that graphically summarizes the strengths and weaknesses of the enterprise's security and its compliance with best security practices.
- Job Descriptions - Director Sarbanes-Oxley Compliance and Manager Sarbanes-Oxley Compliance job descriptions.
Sarbanes Oxley Auditing News
Metrics for Organizations with no Disaster Recovery Business Continuity Plan
According to Janco Associates, an international Disaster Recovery - Business Continuity consultancy, the most common form of enterprise-wide disaster is related to power outages. Janco has found that in the disaster recovery and business continuity cases it has reviewed, the following is true:
- Over one third of companies take more than a day to recover from a major power outage caused by events like hurricanes and extensive disasters.
- Over eleven percent of companies take more than a week to recover from these events.
- The typical time to reconfigure a network that has not been planned for can take up to 72 hours - if the resources are available.
- Data that is lost (not backed up electronically) can take weeks to re-enter if there is a paper trail, and if there is none the data can be lost forever.
- Over 85 percent of companies that experience a computer disaster and do not have a Disaster Recovery - Business Continuity Plan go out of business within 18 months.
Disaster Recovery Planning Scope
All Disaster Recovery Planning and Business Continuity Planning needs to encompass how employees will communicate, where they will go and how they will keep doing their jobs. The details can vary greatly, depending on the size and scope of a company and the way it does business. For some businesses, issues such as supply chain logistics are most crucial and are the focus of the plan. For others, information technology may play a more pivotal role, and the Disaster Recovery and Business Continuity plan may have more of a focus on systems recovery.
But the critical point is that neither element can be ignored, and physical, IT and human resources plans cannot be developed in isolation from each other. At its heart, BC/DR is about constant communication. Business leaders and IT leaders should work together to determine what kind of plan is necessary and which systems and business units are most crucial to the company. Together, they should decide which people are responsible for declaring a disruptive event and mitigating its effects. Most importantly, the plan should establish a process for locating and communicating with employees after such an event. In a catastrophic event (Hurricane Katrina being a recent example), the plan will also need to take into account that many of those employees will have more pressing concerns than getting back to work.
Disaster Recovery Metric Defined
A proposed overall metric for Disaster Recovery is Total Time to Disaster Recovery (TTDR), which is the time it takes to back up the data, deduplicate the data, replicate the data to the remote DR site, and then finally recover the data so it is in an operational state. This metric is all-inclusive, as it takes every aspect of the backup and recovery environment into account when performing a true disaster recovery.
Recovery and data replication are the much more important issues that need to be considered. It is great to back up data fast, but if it takes three times as long to recover it, try to explain that to your CIO when a major application goes out and he is standing over your shoulder waiting for the data to be recovered.
TTDR includes:
- Backing up the data
- De-duplicating the data
- Replicating the data to the remote disaster recovery site
- Setting the data and the applications to an operational state
Backup For Disaster Recovery and Business Continuity Now Easier
Quantum Corp., a global specialist in backup, recovery and archive, announced two new product releases designed to help end users solve the challenges of data backup and recovery across distributed environments by improving local data protection and disaster recovery (DR) while streamlining management and reducing costs. The latest addition of disk backup solutions with deduplication and replication, the appliance is optimized for remote and branch office environments that are part of a distributed enterprise. The other software product release provides new centralized, multi-tier management and reporting capabilities for unifying backup resources, including disk and tape.
Disaster Recovery Business Continuity Basics
The basics of a Disaster Recovery Business Continuity Plan are defined in the Janco Disaster Recovery Business Continuity Template. They are:
- Develop the contingency planning policy statement. A formal department or agency policy provides the authority and guidance necessary to develop an effective contingency plan.
- Conduct the business impact analysis (BIA). The BIA helps to identify and prioritize critical IT systems and components.
- Identify preventive controls. Measures taken to reduce the effects of system disruptions can increase system availability and reduce contingency life cycle costs.
- Develop recovery strategies. Thorough recovery strategies ensure that the system may be recovered quickly and effectively following a disruption.
- Develop an IT contingency plan. The contingency plan should contain detailed guidance and procedures for restoring a damaged system.
- Plan testing, training and exercises. Testing the plan identifies planning gaps, whereas training prepares recovery personnel for plan activation; both activities improve plan effectiveness and overall agency preparedness.
- Plan maintenance. The plan should be a living document that is updated regularly to remain current with system enhancements.










