Continuity Planning and Disaster recovery

rdgmat001
Mind Map by rdgmat001, updated more than 1 year ago
rdgmat001
Created by rdgmat001 almost 6 years ago
51
0

Description

Mind Map on Continuity Planning and Disaster recovery, created by rdgmat001 on 06/05/2014.

Resource summary

Continuity Planning and Disaster recovery
1 Businesses need to plan for the unexpected to safeguard the organisation in the case of a disaster
2 Ensuring continuous IT and IS operations is a part of a firms legal responsibility
3 BCM, BCP and DRP
3.1 BCP
3.1.1 BCP is a methodology used for developing a plan to maintain business operations during, before and after a disruption
3.1.2 Also involves efforts to ensure primary essential functions are operational during emergencies
3.2 DRP
3.2.1 BCP are the activities that take place before a disaster happens
3.2.2 DRP are the activities which occur once a disaster happens
3.2.3 Disaster recovery is a part of BCP
3.3 BCM
3.3.1 The umbrella term for all processes that ensure business continuity (BCP) and return a business to normal following a disaster (DRP)
3.4 Differences between DRP and BCP
3.4.1 DRP
3.4.1.1 DRP focuses on IT
3.4.1.2 DRP aims to ensure systems recover to previous state
3.4.1.3 Looks Back
3.4.1.4 Emphasis the importance of recovering from a disaster from unknown threats
3.4.2 BCP
3.4.2.1 BCP focuses on the business as a whole
3.4.2.2 Forward looking
3.4.2.3 Ensure plans in place are to improve organisation and maintain survival
3.4.2.4 Emphasises the importance of preventing disasters given known threats
4 Business Continuity Planning
4.1 Business components
4.1.1 Ensure continuity of business components
4.1.2 People
4.1.2.1 Consider the human component and provide training
4.1.3 Technology
4.1.3.1 Technology is an integral part of BPs and system downtime causes problems
4.1.4 Business Processes
4.1.4.1 Put recovery processes into place in case of a disaster
4.1.4.2 Document processes for easy refferrel during disasters
4.1.5 Communication
4.1.5.1 Maintain communication during an emergency for quick responses and recovery
4.1.5.2 Create communication contingencies
4.1.6 Business information
4.1.6.1 Enterprise wide asset and is critical for the mission of the business
4.1.6.2 Need good information security
4.1.7 Customers
4.1.7.1 Maintain customer satisfaction and business reputation
4.1.7.2 Allow for customer service delivery even after a disaster
4.1.8 Suppliers
4.1.8.1 Important part of the value chain
4.1.8.2 Affected during disasters
4.1.8.3 Plan to maintain supplier relationships and service
4.2 BC Risk assessment
4.2.1 Risk are the factors that have the potential to halt business operations if they occur
4.2.2 Identify the likelihood of potential risks, the magnitude of the impact and the adequacy of planned measures
4.2.3 Look at internal and external factors to the business's nature, location and BPs
4.2.4 Can use a risk matrix to determine the risk levels
4.2.4.1 Risk matrix helps with preventing, mitigating and controlling risks
4.3 Business impact analysis
4.3.1 Process used to identify mission critical business functions...
4.3.2 ... and calculate the effects of business functions not being operational based on their dependancies
4.3.3 Also calculates timeframe in which functions should be restored
4.3.4 Can be expressed in terms of money and hard or soft impacts
4.3.5 3 phases
4.3.5.1 1,) Determine critical bus. functions
4.3.5.2 2.) Determine recovery time objective and recovery point objective for each function

Annotations:

  • for technology the recovery time could be the maximum possible downtime for a technology and the acceptable loss of imformation
4.3.5.3 3.) Evaluate resources needed to support and maintain functions in the event of disaster
4.4 Risk Management
4.4.1 Process of identifying, assessing and responding to risks
4.4.2 Bus. impact analysis important for risk management
4.4.3 Need risk mitigation strategies
4.4.3.1 When selecting a strategy consider risks, legislation, and reliability
4.5 Concepts and Principles of a BCP
4.5.1 Must formulate policies and procedures to address business continuity risks
4.5.2 Policies and procedures can form the framework of an effective BCP
4.5.3 Continuity practices should be embedded into the design of IS and processes
4.6 Business continuity culture
4.6.1 BCM should provide an environment and framework in which BC measures will be supported and owned
4.6.2 Building a business continuity culture should consist of
4.6.2.1 Executive Management Support
4.6.2.2 Identify stakeholders
4.6.2.3 Formation of BCP team
4.6.2.4 Employee Engagement

Annotations:

  • employees should be driven to perform duties in the continuity team
4.6.2.5 Shared vision and trust

Annotations:

  • Shared vision and trust of bus continuity policy among all employees
4.6.2.6 Communication

Annotations:

  • communication of policy to employees
4.6.3 Should have a training and education culture
4.6.4 BCP is a continuous process that should be implemented as a business culture
5 Disaster Recovery Planning
5.1 Focuses on recovering the IT systems of the organisation so the business can continue with operations

Annotations:

  • Regaining access to the database, hardware and software
5.2 Disaster recovery management
5.2.1 Physical assets can be replaced but data can not
5.2.2 Data is a very important asset which is crucial for survival
5.2.3 Develop a contingency plan to minimise impact of a disaster
5.2.4 DRP is a legal requirement to ensure the effects of a disaster are mitigated
5.2.5 S.A. has passed legislation (POPI and King 3 Act) to cater for the risks of the pervasiveness of technology

Annotations:

  • King 3 => states that management must demonstrate that the business has adequete business resilience arrangements in place POPI=>A responsible person must secure the integrity and confidentiality of their personal information by taking appropriate measures
5.2.6 Recovery procedure
5.2.6.1 Backing up information from primary data centers to a secondary data centre
5.2.6.2 Data backed up must also be the most recent copy
5.2.6.3 Primary and secondary data centers must be in separate locations so that they are not both affected at the same time
5.2.6.4 The disaster recovery service must detect that a disaster has occurred so that the services can be switched over to the backup site
5.2.6.5 The separation of location of the two data centers causes delays in response times so the service must detect when to switch back to the primary data center
5.2.7 Critical success factors of DRP
5.2.7.1 Top management committment

Annotations:

  • Management provide funding, staffing and resources They decide when and how to implement DRP and the support
5.2.7.2 Policies and goals

Annotations:

  • Policies to define guidelines for DRP and who is accountable for planning and implementation DRP should be driven by need for a competitive advantage through resilient systems
5.2.7.3 Steering committee

Annotations:

  • Steering committee to perform risk assessments and to determine the scope and objectives of the recovery process
5.2.7.4 Prioritisation

Annotations:

  • Most important systems must be given priority
5.2.7.5 Alternative site for backup
5.2.7.6 Backup storage

Annotations:

  • On- site backup, off site backup, cloud computing and personnel to recover data
5.2.7.7 Recovery team
5.2.7.8 Testing

Annotations:

  • testing DRP to ensure it will be effective Develop plan for testing
5.2.7.9 Training

Annotations:

  • Employees must understand the plan and their positions to address arising issues (dealing with stress and miscommunication) when plan is implemented
5.2.7.10 Documentation

Annotations:

  • Documentation of strategies, procedures and objectives of DRP for quick reference
5.2.7.11 Maintenance of DRP plan

Annotations:

  • Updating DRP plan as business process and data change
5.3 Disaster recovery metrics
5.3.1 Recovery time objective
5.3.1.1 Maximum amount of time IT system can be down for after a disaster
5.3.1.2 Likely to vary across nature of the business and the business process
5.3.1.3 Generally the lower the RTO the higher the cost associated with it
5.3.2 Recovery Point Objective
5.3.2.1 Measure of the data loss given the maximum amount of time the organisation is willing to lose data over
5.3.3 RTO,RPO, perfomance and availability affect which recovery strategy to implement
5.4 Readiness of backup strategies
5.4.1 Speed of recovery affected by the type of backup mechanism and the nature of available resources
5.4.2 Backup sites
5.4.2.1 Cold backup sites

Annotations:

  • Backups on a periodic basis Long time to recover data and get servers up and working High RTO
5.4.2.2 Warm backup sites

Annotations:

  • Uses dedicated hardware to keep the organisation operating at minimal levels Recovery can take minutes to hours
5.4.2.3 Hot backup sites

Annotations:

  • Mirrored standby servers that are always available to run in case of a disaster Recovery time within seconds or minutes Real time synchronous backups
5.4.2.4 Fault tolerance

Annotations:

  • IT systems which can switch to the backup site with no loss of data or service during disaster RTO and RPO are close to zero Highest level of system automatic failover
6 Benefits and challenges
6.1 Benefits
6.1.1 Reduction in exposure to risks
6.1.2 Improved operational resilience
6.1.3 Reduced downtime through contingency plans
6.1.4 Better service delivery
6.1.5 Compliance with legislation
6.1.6 Improved BPs
6.1.7 Maintaining credibility as a business
6.2 Challenges
6.2.1 Costly and complex requirements
6.2.2 Time consuming to identify critical systems that must be recovered
6.2.3 Frameworks and standards too complex for small and medium businesses
6.2.4 DRP regulations can be ambiguous
7 Future trends
7.1 BCM will be used to support tactical and strategic resilience
Show full summary Hide full summary

Similar

What were the Cause and Consequences of The Cuban Missile Crisis October 1962
matthewnr73
Electromagnetism: Magnetic Flux Density & Magnetic Flux 2
tatemae.honne
Psychology flashcards memory
eharveyhudl
GCSE Science - B1 - You and Your Genes - Genes, Chromosomes and DNA
GeorgeHaines
GCSE Geography - Causes of Climate Change
Beth Coiley
GCSE REVISION TIMETABLE
nimraa422
Acids, Bases and Salts
asramanathan
Système circulatoire sanguin
Martin Fortier
Creating Mind Maps with GoConqr
Sarah Egan
Core 1.10 Polymers (Plastics)
T Andrews
10 good study habits every student should have
Paras Garg