Disaster Recovery Plan Template
Business Continuity
ISO 27000 (formerly ISO 17799), Sarbanes - Oxley,
PCI-DSS & HIPAA Compliant
The Standard for Disaster Recovery and Business Continuity
This
Disaster Recovery Plan (DRP) can be used as a Disaster Planning
template for any enterprise. The Disaster Recovery template and
supporting material have been updated to be Sarbanes-Oxley and HIPAA
compliant. The Disaster Planning Template comes as both a Word and
static fully indexed PDF document and includes:
Disaster Recovery Plan and Business Continuity Template
Business and IT Impact Analysis Questionnaire
Work Plan
Disaster Recovery / Business Continuity Audit Program
Preparation for Disaster Recovery / Business Continuity in light of
SOX has two primary parts. The first is putting systems in place to
completely protect all financial and other data required to meet the
reporting regulations and to archive the data to meet future
requests for clarification of those reports. The second is to
clearly and expressly document all these procedures so that in the
event of a SOX audit, the auditors clearly see that the DR plan
exists and will appropriately protect the data.
Compliance with the ISO 27000
Series Standards (formerly ISO 17799 now ISO 27001 & ISO 27002),
Sarbanes-Oxley, PCI-DSS, and HIPAA
Web Site Disaster Recovery Planning Form
Project Status Report Form
Personnel Location Report
Department Disaster Recovery
Activation
Workbook
Quick Reference Guide
Team Alert List (Form)
DRP Team Responsibilities
DRP Team Checklist
Critical Function(s) Definition
Normal Business Hour Response Procedures
After Hours Response Procedures
DRP Location(s) Definition
DRP Recovery Procedures
Notification Procedures
Notification Call List (Form)
Updated Business and IT Impact
Analysis Questionnaire
Vendor Disaster Recovery Questionnaire
Vendor Phone List Form Updated
Key Customer Notification Form
Critical Resources to be Retrieved Form
Business Continuity Off-Site Materials Form
Business Continuity Audit Program
The premium edition contains 14 full job descriptions. They are:
Chief Information Officer
Chief Security Officer
Chief Compliance Officer
VP Strategy and
Architecture
Director Disaster Recovery
and Business Continuity
Director e-Commerce
Manager Disaster Recovery
Manager Disaster Recovery
and Business Continuity
Disaster Recovery
Coordinator
Disaster Recovery -
Special Projects Supervisor
Manager Database
Capacity Planning
Supervisor
Manager Media Library
Support
Manager Site Management
The DRP template is over 200 pages and includes
everything needed to customize the Disaster Recovery Plan to fit your specific
requirement. The electronic document includes proven written text and
examples for the following major sections of a disaster recovery plan:
Plan
Introduction
Business Impact
Analysis - including a sample impact matrix
DRP Organization
Responsibilities pre and post disaster - drp checklist
Backup Strategy
for Data Centers, Departmental File Servers, Wireless Network
servers, Data at Outsourced Sites, Desktops (In office and "at
home"), Laptops and PDA's.
Recovery
Strategy
including approach, escalation plan process and decision points
Disaster
Recovery Procedures
in a check list format
Plan
Administration
Process
Technical
Appendix including definition of necessary phone numbers and
contact points
Job Description
for Disaster Recovery Manager (3 pages long) - entire disaster
recovery team job descriptions are available.
Work Plan
to modify and implement the template. Included is a
list of deliverables for each task. (Risk Assessment and Vulnerability
Assessment)
There is a extensive
section that show how a full test of the DRP can be conducted. It
includes
Disaster
Recovery Manager Responsibilities
Distribution
of the Disaster Recovery Plan
Maintenance
of the Business Impact Analysis
Training
of the Disaster Recovery Team
Testing
of the Disaster Recovery Plan
Evaluation
of the Disaster Recovery Plan Tests
Maintenance
of the Disaster Recovery Plan
Click on the link below to get the
DRP/BC sample pages
now and make it part of your disaster recovery toolkit.
Testimonials
Testimonial -
Dave Baker - City of Hamilton -I have found
the DRP template invaluable!
Testimonial -
Bob Rifenbury -MCSE/CCNA Lauch
Testing Lab -The DRP Template saved me about 6 months of work!
Testimonial - Kelly Keeler -
Martin's Point Health Care -I have received and I began using the template
immediately. IT IS GREAT! Made this process a snap for me. Cut my
documentation time down from. weeks to hours! This document has made,
what began to be an overwhelming process turn into a snap!
Testimonial -
Juan Stamos - Mexico City
Corporation -We had a DRP in place, but
needed a more user friendly structure. The Disaster Recovery Template (Gold
edition) has that structure. It was very easy to quickly move our DRP into
Janco's DRP Template -- a real added value.
* Update service is for 12 months unless it is purchased within 30
days of the purchase of the Template. Janco reserves the right
to validate purchase of the customer was made for the template.
Amazon Business Continuity Problems Are a Reality
-
Amazon suffered some disaster recovery and business continuity
issuse as online shoppers struggled to enter Amazon.com's main e-commerce site
for the second time in two days.
Only about 30% of visitors managed to enter Amazon.com,
according to mobile and Internet management firm which tracks Web site
performance.
The problem was not limited to the US as Amazon's U.K.
storefront had similiar problems.
The U.K. site first experienced problems when its availability
dropped as low as 38%.
Amazon said, "Some customers reported intermittent problems
accessing Amazon retail Web sites. Amazon is working to resolve the issues, and
Amazon's Web services are not affected."
Average load times jumped to 15 seconds versus 6 seconds.
During the period of site unavailability most shoppers having
access problems got the cryptic error message "Http/1.1 Service Unavailable,
which means little to nontechnical people. That message indicates that whatever
caused the problem proved hard to isolate, making it impossible for the company
to configure its system to trigger a more intelligible alert acknowledging the
problem in plain English.
The more complex a system is, the more challenging it is to
maintain, and a configuration problem here can cause problems somewhere else.
Data Loss a Real Disaster Planning Concern
- Consider the Herculean efforts today to protect the network from
threats: Intrusion prevention systems scan packets for potentially damaging
content; email security systems check for viruses in email content and firewalls
block unsolicited connections. To stop the onslaught of threats to corporate and
government networks, a host of software and appliances are being deployed daily
. In general, these border police applications are doing a fairly decent job of
stopping unauthorized intrusion at the door to your network.
But what about
organizational insiders? Which applications or appliances are scrutinizing the
information being passed out of the network? Intrusion prevention systems and
firewalls arenÂ’t looking for intellectual property sliding out the door right
under their virtual noses. Specifically in healthcare organizations, what about
patient information sent unprotected over the Internet to another provider? Add
in the always-changing regulatory environment, and security is a unique
challenge. All it takes is one misstep to compromise sensitive information.
These are legitimate, authorized users communicating in an above-board way –
but potentially exposing sensitive data in the process. This is the core of the
immensely complex problem of data loss.
-
more
Data Bacup Takes Bandwidth
-
Whether backing up remote data
onto centralized tape or disk backup systems, or replicating company assets
between redundant data centers, wide-area data services (WDS) solutions enable
organizations to move data between sites without the constraints of distance and
throughput. One optimization system accelerates applications typically by five
to 50 times and in some cases up to 100 times faster than conventional transport
mechanisms with up to a 95% reduction in WAN bandwidth utilization.
(Computerworld) Disaster planning traditionally focuses on
three variables: data center replication, building design and backups. Analysts
have maintained for years that the most common disaster is outright hardware
failure because of faulty data center design, for instance, when the emergency
power off button is hit, either accidentally or on purpose. Yet, for many
enterprises throughout the U.S., the reality is that recovery plans should be
customized for whichever type of major disaster is most likely to occur in any
given area.
There are really two kinds of disasters that can
affect your data center, says the executive director of The Uptime
Institute in Santa Fe, N.M. Those that do not affect your data center directly
but do affect your region. Another is a disaster that affects your building
directly; you will not recover until you recover the building. One of the
most important decisions, but one that is often given little thought, is where
to put the data center.
Rather than add more
bandwidth, or invest in expensive, dedicated storage networks, WAN optimization
can improve IP network performance sufficient to turn recovery into continuity.
To help meet the objectives outlined above, a WAN optimization solution must be
able to do three separate tasks for true business continuity: restrict bandwidth
to backup applications during the allowed window and allocate it to critical
applications in the event of a disaster, overcome latency and bandwidth
limitations on the wire, and provide acceleration to roaming or displaced users
redirected to alternative data sources.
Regardless of whether the data is
being replicated from a massive cabinet, over IP-based storage or off a userÂ’s
hard drive for compliance purposes, during the backup window maximum bandwidth
should be available to ensure completion. This requires granular bandwidth
management that can isolate applications on the network and provide a
predictable, policy-based service level. Further, the solution should be able to
distinguish between a user initiated file copy and one started by the backup
daemon, and apply different bandwidth allocations to
each.
Also, the solution must remove latency and protocol
inefficiencies that constrain current WAN backups. Caching and compression
technology combined with inline protocol optimization of commonly used file
transfer protocols form a technology suite that improves the performance
characteristics of a WAN, adding bandwidth and reducing the time needed to
complete backups and restores. Moreover, it should be able to do this for
individual devices and accommodate displaced and roaming users without the need
for bulky appliances.
