- Disaster Planning - Business Continuity Planning
Disaster Planning Business Continuity Planning
The definition of the necessary level of data backup and restoration processes are crucial components of business continuity and disaster recovery planning. But they are not the only factors that the enterprise and its IT organizations need to consider when defining the strategy they will use in protecting critical data against various disasters including unforeseen events such as severe weather, natural disasters or power failures. They also need to take into account applications, servers, networks, communications, work spaces, and the people who run the applications.
How can organizations effectively evaluate their business continuity needs and ensure that the technologies in place are effective? One key step is to conduct a business impact analysis which examines all the business functions and assesses the damage if a function suffers outages. Storage systems - and more specifically the data that's stored in them - are extremely relevant for business continuity. But so are the applications, servers, networks and people who run the applications.
Metrics for business continuity and disaster recovery include time-lines for recovery point objectives (RPOs) and factors defined as recovery time objectives (RTOs). For data to be available when needed, it needs to be replicated to a remote site. Depending on the desired RPO, that could be synchronous or asynchronous data transfer. In some cases it could be a combination of data that is replicated synchronously to a location that is geographically close and then asynchronously replicated to an out-of-region recovery center.
But data is only part of the equation. Servers, networks and other IT components also play a major role. Just having the data replicated might be okay for a disaster recovery environment with longer acceptable recovery time objectives. The high cost of storage, communications, network access, and software replication are just a few of the challenges in implementing adequate business continuity. For a complete real business continuity plan, more than just the data needs to be replicated and available at a secondary site - employee workstations, communication, servers, and applications need to be available. Only with a complete business continuity and disaster recovery plan and strategy in place can organizations ensure continuous operation of the enterprise and availability of vital information
DRP and Security Audit Bundle
This bundle is fully compliant with Sarbanes-Oxley, HIPAA, PCI-DSS and ISO27000. It has been updated to reflect all of the recent legislation and other mandated requirements.
The Disaster Planning and Business Continuity Template has been selected by over 2,000 enterprise as the foundation of their DRP and BCP programs.
The Security Manual Templatehas just been updated to address issues such as SmartPhone and other PDAs
The Security Audit Program contains over 400 unique tasks divided into 11 areas of audit focus which are the divided into 38 separate task groupings. The audit program is one that either an external auditor, internal auditor can use to validate the compliance of the Information Technology and the enterprise to ISO 27000, Sarbanes-Oxley, HIPAA, and PCI-DSS.
The Disaster Recovery / Business Continuity Audit program identifies control objectives that are meet by the audit program. There are 36 specific items that the audit covers in the 11 page audit program.