Feed Description

 

  HTML News Feed     ---     Current IT News    ---  Links  --- WAP Mobile Feed

 

Disaster Recovery Planning

Disaster Recovery Plan Template
Business Continuity
ISO27001, ISO27002, Sarbanes - Oxley, PCI, and HIPAA Compliant

 

This Disaster Recovery Plan (DRP) can be used as a Disaster Planning template for any enterprise. The Disaster Recovery template and supporting material have been updated to be ISO 27000, Sarbanes-Oxley, PCI-DSS, and HIPAA compliant.  The Disaster Planning Template comes as a Word document and includes:

  • Disaster Recovery and Business Continuity Template

  • Business and IT Impact Analysis Questionnaire

  • Work Plan

New with this version are:

  • Web Site Disaster Recovery Planning Form

  • Department Disaster Recovery Activation Workbook

    • Quick Reference Guide

    • Team Alert List (Form)

    • DRP Team Responsibilities

    • DRP Team Checklist

    • Critical Function(s) Definition

    • Normal Business Hour Response Procedures

    • After Hours Response Procedures

    • DRP Location(s) Definition

    • DRP Recovery Procedures

    • Notification Procedures

    • Notification Call List (Form)

  • Vendor Disaster Recovery Questionnaire

  • Vendor Phone List Form Updated

  • Key Customer Notification Form

  • Critical Resources to be Retrieved Form

  • Business Continuity Off-Site Materials Form

Included in the template is Business Impact Questionnaire as well as a full Job Description for the Disaster Recovery Manager.  The premium edition contains 14 full job descriptions.

Clients can also subscribe to Janco's DRP update service and receive all updates to the DRP Template for 18 months* from the date of purchase. 

The DRP template is over 200 pages and includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement.  The electronic document includes proven written text and examples for the following major sections of a disaster recovery plan:

  • Plan Introduction

  • Business Impact Analysis - including a sample impact matrix

  • DRP Organization Responsibilities pre and post disaster - drp checklist

  • Backup Strategy for Data Centers, Departmental File Servers, Wireless Network servers, Data at Outsourced Sites, Desktops (In office and "at home"), Laptops and PDA's.

  • Recovery Strategy including approach, escalation plan process and decision points

  • Disaster Recovery Procedures in a check list format

  • Plan Administration Process

  • Technical Appendix including definition of necessary phone numbers and contact points

  • Job Description for Disaster Recovery Manager (3 pages long) - entire disaster recovery team job descriptions are available.

  • Work Plan to modify and implement the template.  Included is a list of deliverables for each task.

There is a extensive section that show how a full test of the DRP can be conducted.  It includes

  • Disaster Recovery Manager Responsibilities

  • Distribution of the Disaster Recovery Plan

  • Maintenance of the Business Impact Analysis

  • Training of the Disaster Recovery Team

  • Testing of the Disaster Recovery Plan

  • Evaluation of the Disaster Recovery Plan Tests

  • Maintenance of the Disaster Recovery Plan

Testimonial - Dave Baker - City of Hamilton - I have found the DRP template invaluable!

Testimonial - Bob Rifenbury -MCSE/CCNA Lauch Testing Lab - The DRP Template saved me about 6 months of work!

Testimonial -  Kelly Keeler - Martin's Point Health Care - I have received and I began using the template immediately. IT IS GREAT! Made this process a snap for me. Cut my documentation time down from.  weeks to hours! This document has made, what began to be an overwhelming process turn into a snap!

Testimonial - Juan Stamos - Mexico City Corporation - We had a DRP in place, but needed a more user friendly structure.  The Disaster Recovery Template (Gold edition) has that structure.  It was very easy to quickly move our DRP into Janco's DRP Template -- a real added value.

 
* Update service is for 12 months unless it is purchased within 30 days of the purchase of the Template.  Janco reserves the right to validate purchase of the customer was made for the template.

 

This template is not for resale or re-distribution - Disaster Recovery Planning Template Disaster Recovery Template


 

 

 

Disaster Recovery News

07/22/2008
Seven Steps to a Working Contingency Plan

 
There are seven steps that can be followed according to the Disaster Recovery / Business Continuity Template published by Janco Associates.  They are:

1.       Acknowledge that at disaster can occur

2.       List and prioritize the risks your enterprise faces  from each disaster threat

3.       Inventory your enterprise’s technology and operational structure

4.       Inventory your enterprise’s technology assets

5.       Define the necessary service levels your enterprise and its customers need

6.       Develop a plan to operate during and after the disaster

7.       Test the plan that you have created


more info  

07/18/2008
Disaster Planning at Colleges and Universities Are a Focus of Many

Colleges and universities across the United States are moving quickly to adopt text messaging as their first line of emergency notification, experts said.

Disaster PlanningThe rush to find ways to send tens of thousands of SMS messages to student cell phones has been intensified becasue all of the recent on campus incidents.

However, these incidents are not the only recent incentive for schools to look for ways to reach their students in an emergency. Other reasons include weather emergencies, especially in the South where hurricane evacuations are almost an annual event.

And, of course, there's the fact that the U.S. Department of Education requires colleges and universities to have the means to reach their students in a timely manner in times of crisis. The question for university administrators has always been what is the best way to notify students, and in many cases, that boils down to e-mail, since virtually every student has a school e-mail account. The problem is, as Virginia Tech found to its sorrow, that e-mail is rarely an adequate solution.


more info  

07/06/2008
Floods Cause Many Firms to Go Out of Business

(Computerworld) - As historic floodwaters start to receded along the Mississippi and other Midwestern rivers, local businesses in affected communities like Cedar Falls, Iowa, were busy assessing the impact on IT equipment and whether disaster recovery plans stood the test.

A maker of computer games in Cedar Falls, may be permanently displaced after Cedar River floodwaters reached 6 feet in its administrative offices and 5.5 feet in an adjoining warehouse. The company sustained about $250,000 in damage to inventory.

The firm's president said all 65 employees are now working temporarily in borrowed offices in three facilities.

As the floodwaters approached on June 9, employees scurried to save 120 PCs, 80 monitors and eight servers. Three high-end printers could not be removed in time.

The company plans to revise his disaster recovery plan. "When a river comes up 6 feet higher than it ever has before, it's tough to have that foresight," they said. "But it is probably going to happen again."

A software development company has plans to deal with tornados and electrical outages, but executives never dreamed they would have to contend with the Cedar River surpassing 500-year-flood levels. "Going through this experience [will] make those plans [more] than just part of an IT checklist," he said.

A key lesson learned was that companies must prepare for employees to miss work to help families and communities after natural disasters.
more info  

06/10/2008
British Oppose Disaster Planning Law BBC: Environmental groups are campaigning against planning laws they claim will lead to "faceless bureaucrats" taking decisions on major projects. Opponents of the government's Planning Bill say it sweeps away local accountability for developments such as motorways and airports. Instead, they want people to have more say on the decisions that affect them.

The government says planning laws need reform to meet long-term challenges, such as those posed by climate change. The bill, currently going through Parliament, aims to replace the current system of holding a sometimes lengthy and expensive public inquiry each time a major infrastructure project is proposed, such as an airport or a power station.

…People living near the proposed projects would have limited opportunities to object. The government argues that the reform is needed to ensure the planning system can "meet the long-term challenges we face as a society."

…But the Planning Disaster Coalition, which include Friends of the Earth, the National Trust and the Campaign to Protect Rural England says the change will make a "mockery" of democracy, by taking away the rights of people to have their say on developments in their local area….
more info  

05/28/2008
Ways to Enhance Your Disaster Recovery Plan

Threre a a number of ways in which an enterpriser can add value in their disaster recovery capabilities. For example, storage vendors are enhancing their replication capabilities, tools for rapid recovery for databases and core applications like Exchange are finding their way into organizations of all sizes, and virtualization has opened new disaster recovery opportunities to a wide range of organizations.

However, before placing the technology cart before the horse, a critical phase in any form of disaster recovery planning and design is to establish a solid understanding of applications and their interdependencies. A good initial step in this process is the establishment of a disaster recovery application inventory.

What should such an inventory include? While requirements can vary depending on the organization, a basic listing should include the following items:

  • Application name and description
  • Business function -- the business unit or functional area the application supports
  • Business process -- the specific business process supported
  • Recovery objectives -- stated recovery time objective (RTO) and recovery point objective (RPO) targets for the application
  • Known related applications -- this includes both applications that act as sources and targets in the business process
  • Server details -- a list of the actual servers, both physical and virtual, on which the application resides, along with configuration details
  • Storage details -- the actual storage devices and logical unit numbers (LUN) allocated to the servers
  • Software requirements -- specific information about the software
more info  

05/13/2008
Disk-based vs. Tape Backup

Disaster Recovery Plan Template

Disk-based vs. Tape Backup: The Pros and Cons All organizations use tape to back up data nightly. Tape is fairly inexpensive and low-tech, but managing and administering tape, backing up to tape and restoring files from it can be time consuming, unreliable and complex. Disk has always been an easier, more reliable alternative, but until recently its high acquisition cost has made it untouchable for many organizations. Fortunately, new disk and data reduction technologies have recently converged to make disk-based backup available at about the same price of tape backup systems.
more info  

05/01/2008
Disaster Planning and Security Management a Real Issue

Consider the Herculean efforts today to protect the network from threats: Intrusion prevention systems scan packets for potentially damaging content; email security systems check for viruses in email content and firewalls block unsolicited connections. To stop the onslaught of threats to corporate and government networks, a host of software and appliances are being deployed daily . In general, these border police applications are doing a fairly decent job of stopping unauthorized intrusion at the door to your network.

Security Template Sarbanes OxleyDisaster Planning Security Template

But what about organizational insiders? Which applications or appliances are scrutinizing the information being passed out of the network? Intrusion prevention systems and firewalls aren’t looking for intellectual property sliding out the door right under their virtual noses. Specifically in healthcare organizations, what about patient information sent unprotected over the Internet to another provider? Add in the always-changing regulatory environment, and security is a unique challenge. All it takes is one misstep to compromise sensitive information. These are legitimate, authorized users communicating in an above-board way – but potentially exposing sensitive data in the process. This is the core of the immensely complex problem of data loss.

Security



To address the data loss problem, organizations need to focus now on content filtering and blocking of electronic communications leaving the network – and not just email, but instant messaging (IM), webmail, HTTP and FTP communications as well . All avenues of electronic communication need to be policed to prevent intellectual property, financial information, patient information, personal credit card data, and a variety of sensitive information (depending on the business and the industry) from falling into the wrong hands.
more info  

04/25/2008
How Do You Back Up Remote Sites

Disaster Planning Business ContinuityThe global enterprise has a voracious appetite for data, and little patience for downtime. According to a recent Forrester report, 82 percent of larger IT organizations rated improving recovery time as a “critical” or “very critical” business priority. The need for continued focus and investment is clear, especially when you consider that data-at-rest in enterprises is growing at a compounded rate of 55 percent a year. Moving all that data is a mounting challenge, and business simply cannot wait.

 

To meet these growing demands at a reasonable cost, organizations are moving to IP-based networks; 70 percent of North American and 79 percent of European organizations use some combination of the Internet, MPLS or Ethernet to connect to their primary backup datacenter. Bandwidth prices may be in decline, but that doesn’t mean it comes cheap. Bandwidth, on average, is 29 percent of the total cost of replication, backup and recovery solutions, and is often constrained by the effects of latency.

 

 

 

End-to-end plans for turning disaster recovery into full business continuity are very complex, but from an IP-network perspective it can be reduced to three main challenges.
more info  

04/19/2008
IT and Business DRP challenges

DRP SecurityDisaster plan need to take into account mainframes, blade servers as well as distributed file servers.  The problem is more complex as enterprises slowly move away from IT and Business alignment towards IT and Business convergence.  For example, 3mMainframes continue to hold their own against the onslaught of distributed server architectures, not because they are considered superior to newer technologies but because they still have a unique role to play in the enterprise. Recent market research indicates that 90 percent of mainframe users see the devices as long-term data hub and transaction server solutions fully suited to expected future workloads, particularly in SOA and Web services endeavors. Distributed servers, meanwhile, are likely to appeal to specialized shops with low MIPS requirements.


more info  

04/15/2008
Virginia Tech Tragedy Leads Others to Establish Disaster Communication  (Computerworld) The deadly shootings of 32 people by a lone gunman at Virginia Tech one year ago on Wednesday galvanized college campuses nationwide, leading to a surge in new mass emergency communications purchases -- especially wireless text messaging technologies.

Disaster Planning Security Template

University police and IT and communications professionals from around the nation said in recent interviews that the killings of Virginia Tech students and faculty on the Blacksburg, Va., campus by gunman Seung-Hui Cho led to a buying spree of new communications technologies and services. The goal was to bolster the capabilities of existing e-mail and voice-mail systems, as well as outdoor sirens.

The Virginia Tech shootings heightened our awareness of additional ways to disseminate crucial information -- including the use of text messaging because of its popularity with college students, said the president-elect of The Association for Communications Technology Professionals in Higher Education (ACUTA) and an IT professional at Columbia University in New York. a flurry of activity has ensued in the past year, she added, with both large and small colleges evaluating their emergency communications needs.


more info