Disaster Recovery Plan for the IT Department

Part I:

The IT department is one of the most important departments in all organization. The IT department is composed of people, machines, processes, and materials / files-both soft and hard copies

Documentation

Accountability

For the IT department, the disaster recovery plan must include:

Documentation requirements the disaster recovery plan must include the list of all the personnel in the departments and their responsibilities

Document all the goals and objectives of the DR plan

This includes the total areas or number of fictional areas to be covered, the duration allowable before maximum damage is down, the amou8nt of damage allowable. The key processes, as well as the dependencies. Manual and automatic process as well as data transfer process. It is also important to document the filing and storage process and to what storage space, both cloud and physical storage- servers

Identify the key business and legal requirement for managing disaster

For example, the plan should outline the HIPAA, ISO 17799, and other regulation that governed files management, employee safety and healthy

Documentation of single point of failure

The documentation should also include all the single points of failure that can be checked first to mitigate risk. This will include all the people likely to case failure, the software used, the equipment being used as well as the infrastructure in the departments. This analyze should focus on the possible impact of any failure, the chances or actual probability of failure occurring, the number of failure incidents per year as well as he cost of mitigation. Finally, it must also include the annualized expected loss

Part II:

The disaster recovery plan is mainly done to cover the following functional areas

Recovery data

Restore and sustain business operations

Transfer data as required back to the production channel

On the other hand, the DRP must address three main technical areas:

Issues associated with hardware damage such as RAM, hard disk, keyboards, processors and the servers, cloud-computing system

The compute networking issues such as the LAN, TCP/IP, VPN WAN, wireless connection,

The software issues: software such as antivirus, operating system, office or word processing system and the rest after a disaster

Main disaster

Abrupt loss of power- damages only the power supply, processors, leads to loss of files

Damage/ dropping from a raised surface- hardware damage, breakage of parts, loss files

Virus and cyber attack- loss of files, breach of information security e

Immediate actions

The immediate action in case of cyber attack is to remove the computer form the internet, discontent any connection, and remove unit from the network of other computer to avoid the spread of vises

The second thing is to try to transfer data to another hard disk for recovery or virus scanning

a. Whom to call right away.

I case of an emergency such as software issues, virus attack, software failure, computer hang-ups please call the following persons:

Denis Okari- technical manager

Laba O.- process superintendent

Ken W- data recovery specialist

2. Detailed Containment Actions

Virus mainly causes software problem especially when the antivirus is outdated. This may mean that the entire network is corrupt, or is at risk of being infected with the virus. The containment action required factor reaction by first. Transferring the data to a safe hard disk for scanning and storage. Storage may be done in a server, physical hard disk or in a cloud. In much case, system with High Availability (HA) capabilities is required (Cougias, Heiberger, & Koop, 2003).

The second step is to allow the data recovery specialist to determine if there is any damage or lost data that can be recovered. After all the recoverable data is recovered and the specialist is convinced that no more data can be recovered, the computer specialist takes over to format the computer and install the operating system and new antivirus software. Then computer is then reinstalled into the local area network for continued use (Wallace, & Webber, 2004).

a. What to do to reduce further damage

To reduce the further damage to the computer, and the entire networked system. It is important to save the files in cloud system then format the entire computer and reinstall all the necessary security measures including software and security updates required to improve stability and security of the computers.

b. First things the recovery team does once onsite:

Removing the onboard storage device- the hard dick, and Ram

Scanning the storage device for virus infection

Transferring the data to another device

3. Recovery Actions.

a. Basic actions.

Disconnecting the computer from the system

Conducting preliminary checks on the sn5tuire system

b. Critical functions.

Using the data recovery software to recover as much data as possible

Repairing or replacing any damaged hard disk or installing antivirus software on site

c. Restoration priorities.

The restoration priorities is to recover the recent files as much as possible then recover the older files depending on the importance

4. Foundation Documents.

a. Asset List.

Computer, network cables, keyboards, networked devices, printer, scanner, camera, phones, internet modern, routers etc

c. Critical Process Impact Matrix.

Critical Process Impact Matrix

Date:

Normal Operating

Critical operating

Support

Customer Contacts

system

Platform

Days

Times

Days

times

Primary

Backup

Primary

Backup

Accounts payable

Sage, quick book, freshboosk

Everyday

24 hours

24 hours

Data specialist

IT manager

Customer care manager

Department manager

Materials

ERP

Everyday

24 hours

24 hours

technician

IT manager

Customer care manager

Department manager

system

ERP

Everyday

24 hours

24 hours

technician

IT manager

Customer care manager

Department manager

payroll

ERP

Everyday

24 hours

24 hours

technician

IT manager

Customer care manager

Department manager

Order quantity management

ERP

Everyday

24 hours

24 hours

technician

IT manager

Customer care manager

Department manager

d. Critical Process Breakdown Matrix.

System

ERP, CRM, ACCOUNTS, OEQ Manager

Platform

Key components

Hardware

Ho workstation hw6000

Software

Operating System Off Ice Packages, Accounting Packages, CRM, ERP system

Material

Book, paper, ink, cartridges,

Users

The IT manager, and departmental heads

suppliers

All suppliers

Data communication network

Telecommunication system

5. Employee Recall List.

The employee recall list should be prioritized based on their importance and technical, experience in relations to disaster recovery. The technical personnel first, followed by the non technical Staff (Wallace, & Webber, 2011).

6. Vendor List.

The list of all the special parts and supplier should be listed to provide the parts and replicable as required

7. Manual Workaround Processes

The manual workaround process should be place at the common areas for ease of accessibility

8. Relocating Operations.

If the operations are to be relocated, they should start with the most important functional areas followed by the less important.

References

Wallace, M., & Webber, L. (2011). The disaster recovery handbook: A step-by-step plan to ensure business continuity and protect vital operations, facilities, and assets(4th ed.). New York: American Management Association.

Wallace, M., & Webber, L. (2004). The disaster recovery handbook: A step-by-step plan to ensure business continuity and protect vital operations, facilities, and assets. New York: American Management Association.

Cougias, D. J., Heiberger, E. L., & Koop, K. (2003). The backup book: Disaster recovery from desktop to data center. Lecanto, FL: Schaser-Vartan Books.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s