---

DRP / BCP Issues

What is
Disaster Recovery?

DRP BCP Basics

Why Plans Fail

Cloud Backup

Are You Prepared
for a Disaster?

Pandemic

Risk Assessment

Process

Best Practices

Media Communication

Clean up - How To

What to do after
an explosion,
terrorist attack, or
random act of violence

Disaster Recovery
and Business Continuity

Metrics

Funding

Funding Request
Presentation

Maximum Tolerable
Period of Disruption

Disaster Recovery Guide

Common Mistakes

Why Disaster Recovery
Business Continuity
is not complete
and or inaccurate

---

 

Disaster Recovery Manual

The Disaster Recovery Business Continuity Manual is what over 3,000 enterprise world wide have chosen as their standard.

ISO 27000, SOX,
PCI-DSS & HIPAA Compliant

 

The Standard for Disaster Recovery and Business Continuity

The Disaster Recovery Manual (DRP) can be used as a Disaster Planning template for any size of enterprise. The Disaster Recovery template and supporting material have been updated to be Sarbanes-Oxley and HIPAA compliant. The Disaster Planning Template comes as both a Word document and a static fully indexed PDF document and includes:

• Disaster Recovery Manual and Business Continuity Template
• Business and IT Impact Analysis Questionnaire
• Work Plan
• Disaster Recovery / Business Continuity Audit Program
• Pandemic Planning Checklist

Preparation for Disaster Recovery / Business Continuity in light of SOX has two primary parts. The first is putting systems in place to completely protect all financial and other data required to meet the reporting regulations and to archive the data to meet future requests for clarification of those reports. The second is to clearly and expressly document all these procedures so that in the event of a SOX audit, the auditors clearly see that the DRP exists and will appropriately protect the data.

New in recent addition to the DRP BCP Template:

• Backup & Backup Retention Policy
• Disaster Recovery Audit Program
• Compliance with the ISO 27000 Series Standards (formerly ISO 17799 now ISO 27001 & ISO 27002), Sarbanes-Oxley, PCI-DSS, and HIPAA
• Web Site Disaster Recovery Planning Form
• Project Status Report Form
• Personnel Location Report
• Department Disaster Recovery Activation Workbook
  • Quick Reference Guide
  • Team Alert List (Form)
  • DRP Team Responsibilities
  • DRP Team Checklist
  • Critical Function(s) Definition
  • Normal Business Hour Response Procedures
  • After Hours Response Procedures
  • DRP Location(s) Definition
  • DRP Recovery Procedures
  • Notification Procedures
  • Notification Call List (Form)
• Updated Business and IT Impact Analysis Questionnaire
• Vendor Disaster Recovery Questionnaire
• Vendor Phone List Form Updated
• Key Customer Notification Form
• Critical Resources to be Retrieved Form
• Business Continuity Off-Site Materials Form
• Business Continuity Audit Program

The premium edition contains 15 full job descriptions. They are:

• Chief Information Officer
• Chief Security Officer
• Chief Compliance Officer
• VP Strategy and Architecture
• Director Disaster Recovery and Business Continuity
• Director e-Commerce
• Manager Disaster Recovery
• Manager Disaster Recovery and Business Continuity
• Disaster Recovery Coordinator
• Disaster Recovery - Special Projects Supervisor
• Manager Database
• Capacity Planning Supervisor
• Manager Media Library Support
• Manager Site Management
• Pandemic Coordinator

The DRP template is over 200 pages and includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement.  The electronic document includes proven written text and examples for the following major sections of a disaster recovery plan:

• Plan Introduction
• Business Impact Analysis - including a sample impact matrix
• DRP Organization Responsibilities pre and post disaster - DRP / BCP checklist
• Backup Strategy for Data Centers, Departmental File Servers, Wireless Network servers, Data at Outsourced Sites, Desktops (In office and "at home"), Laptops and PDA's.
• Recovery Strategy including approach, escalation plan process and decision points.
• Disaster Recovery Procedures in a check list format
• Plan Administration Process
• Technical Appendix including definition of necessary phone numbers and contact points
• Job Descriptions
  • Disaster Recovery Manager
  • Manager Disaster Recovery and Business Continuity
  • Pandemic Coordinator
• Work Plan to modify and implement the template. Included is a list of deliverables for each task. (Risk Assessment and Vulnerability Assessment)

There is a extensive section that shows how a full test of the DRP can be conducted.  It includes

• Disaster Recovery Manager Responsibilities
• Distribution of the Disaster Recovery Plan
• Maintenance of the Business Impact Analysis
• Training of the Disaster Recovery Team
• Testing of the Disaster Recovery Plan
• Evaluation of the Disaster Recovery Plan Tests
• Maintenance of the Disaster Recovery Plan

Click on the link below to get the DRP/BC sample pages now and make it part of your disaster recovery toolkit.

Backup Matrix - Sample from Disaster Recovery Manual

 

 

 

 

 

 

Disaster Recovery Manual News

---

Business process contingency plan is disaster recovery plan

A disaster recovery plan (DRP) - sometimes referred to as a business continuity  plan (BCP) or business process contingency plan (BPCP) - describes how an organization is to deal with potential disasters. Just as a disaster is an event that makes the continuation of normal functions impossible, a disaster recovery plan consists of the precautions taken so that the effects of a disaster will be minimized and the organization will be able to either maintain or quickly resume mission-critical functions. Typically, disaster recovery planning involves an analysis of business processes and continuity needs; it may also include a significant focus on disaster prevention. - more info

---

Disasters can occur any where at any time

Disasters are unpredictable by nature and can strike anywhere at anytime with little or no warning. Recovering from one is expensive and time consuming, particularly for those who have not taken the time to think ahead and prepare for such possibilities.

Disaster Planning - Janco has found that 80% of all enterprises that do not have a disaster recovery / business continuity plan in place before a disaster occurs never reopen.  However, when disaster strikes, those who have prepared and made recovery plans survive with comparatively minimal loss and/or disruption of productivity.

Disasters can take several different forms. Some primarily impact individuals -- e.g., hard drive meltdowns -- while others have a larger, collective impact. Disasters can occur such as power outages, floods, fires, storms, equipment failure, sabotage, terrorism, or even epidemic illness. Each of these can at the very least cause short-term disruptions in normal business operation. But recovering from the impact of many of the aforementioned disasters can take much longer, especially if organizations have not made preparations in advance.

Most of us recognize that these potential problems as possibilities. Unfortunately the randomness of some of these disasters lulls some organizations into a sense of false security-"that's not likely to happen here." However, if proper preparations have been made, the disaster recovery process does not have to be exceedingly stressful. Instead the process can be streamlined, but this facilitation of recovery will only happen where preparations have been made. Organizations that take the time to implement disaster recovery plans ahead of time often ride out catastrophes with minimal or no loss of data, hardware, or business revenue. This in turn allows them to maintain the faith and confidence of their customers and investors.

Disaster Recovery Planning is the factor that makes the critical difference between the organizations that can successfully manage crises with minimal cost and effort and maximum speed, and those that are left picking up the pieces for untold lengths of time and at whatever cost providers decide to charge; organizations forced to make decision out of desperation.

- more info

---

Disaster Plan Common Failures

Disaster Recovery Business Continuity - Common Failures 

Most common mistakes made in Disaster Recovery and Business Continuity Planning are eliminated by implementing the Janco Disaster Recovery and Business Continuity Template.  Problems that are avoided are:

- more info

---

A disaster occurs -- now what?

A disaster or business interruption occurs, what do you do?  A quick roadmap to follow is:

• Do not panic and remain calm! When a disaster or business interruption occurs the first priority number is to ensure the safety of the employees.
• Evaluate the disaster!  Determine the impact on your personnel and enterprise operations, this evaluation the event is critical in making the decision to activate the disaster recovery business continuity procedures.
• Communicate with everyone that can be impacted! Communicate with your team, managers, affiliates, and vendors frequently. Even if there is no status to report, do not leave anyone guessing or letting them draw their own conclusions.
• Know the disaster recovery business continuity plan! Testing the Business Continuity Plan regularly helps everyone in becoming familiar with what will happen and how it will be done.
• Be decisive! Once you have determined the level of disaster and everyone is safe to operate, it is time to make the decision if you need to implement the business continuity procedures or if the downtime for recovery acceptable.
• Start the process! Start with recovering the most business critical systems first to restore business operations to a functional level. There should not be any question, which order which applications need to be restored first.
• Lock down all backups and critical documentation! The first step to the recovery is having a set of data to recover from. This could be anything from archived tape, local disk copy, and a co-location or disaster recovery data center.
• Use multiple solution paths! Assume that nothing will work and have alternatives in place  
• Reactivate normal operations! Once the systems are operational, the disaster is over and systems are repaired it is time to move the workloads back to where they were originally.

- more info

---

Next Disaster Requires Culture of Preparedness

At the center of the recent White House report "Hurricane Katrina: Lessons Learned," there is a call to "foster a new, robust culture of preparedness."

The challenge comes after the report details the long list of tragedies that last year's deadly hurricane wrought, including more than 1,330 deaths and $96 billion in property damage. In terms of communications, 38 centers that normally handled 911 calls failed, while 3 million customers lost phone service.

The report urges a wide variety of players to build this new culture, including myriad federal agencies and tens of thousands of state and local emergency first responder agencies. And it calls on private citizens and the private sector to take part.

- more info

---

Regulatory compliance impacts disaster planning process

Increasing regulatory oversight: as a result of recent natural disasters, man made disasters (Gulf oil spill), and acts of terrorism (the attempted Time Square bombing)), industry and governmental regulations concerning the distance between disaster recovery sites and redundancy levels continue to tighten. In addition, highprofile customer data security breaches have led to calls for stricter regulatory compliance controls across industries (Sarbanes-Oxley, HIPAA, PCI DSS, and European Union Privacy laws). - more info

---

Improve your RTO and RPO

How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this question. Download this outline learn how the Janco Disaster Recovery Business Continuity Template can reduce RPOs and RTOs even more. 

Disaster Recovery Guide
Business Continuity Planning

ISO 27001, ISO 27002, ISO 17799, Sarbanes-Oxley, and HIPAA Compliant

         

What is Disaster Recovery and how does the Disaster Recovery Planning Template help?

This DRP Template can be used for any sized enterprise.  

The template and supporting material have been updated to be Sarbanes-Oxley compliant.  The complete package includes:

• Disaster Recovery Planning and Business Continuity Template
• Business and IT Impact Analysis Questionnaire
• Work Plan
• Disaster Recovery / Business Continuity Audit Program

With lost data being a competitive liability, there is no room for downtime in today's business world.

- more info

---

Disadvantages of tape as backup media

Tape is used for backup and archive because it is very inexpensive, but it is an old technology that has been available almost since the dawn of computing. There are several issues with tape-based backup:

 

• Tape-based backup is a time-intensive process that is potentially disruptive to your applications; this issue is commonly referred to as the backup window problem.
• Because of its impact on applications and resources, tape-based backups are usually not performed more than once a day, and often only once every several days, meaning that
  there are very few tape-based recovery points available for use over the course of a week.
• Because your data is changing very frequently (on the order of seconds or minutes), fewer recovery points mean you are risking the loss of large amounts of current data for a given recovery.
• Once it is clear that a recovery needs to occur, it takes time to perform recovery tasks including locating the correct tape, transporting it (if it's offsite), restoring it to disk and restarting the application with the recovered data.
• As a storage media for backup, tape is not entirely reliable; in fact, leading analyst groups state that as many as 1 in 4 backup tapes suffer from some sort of problem that precludes performing a recovery

- more info

---

The Difference Between Disaster Recovery Planning and Business Continuity Planning Defined

Disaster Recovery Planning (DRP) is the process by which you resume business after a disruptive event.  This typically means that you can get the enterprise computers, networks, and data base operational. The event might be something huge-like an earthquake or the terrorist attacks on the World Trade Center-or something small, like malfunctioning software caused by a computer virus.

Given the human tendency to look on the bright side, many business executives are prone to ignoring "disaster recovery" because disaster seems an unlikely event. However Janco has found that over one third of all enterprises have had to activate their Disaster Plans in the last few years.

Business Continuity Planning (BCP) suggests a more comprehensive approach to making sure you can keep the enterprise going and meet it business objectives. This goes beyond the enterprise computers, networks and data bases.  However, the two terms are married under the acronym DR/BC or DRP/BCP. At any rate, Disaster Recovery Planning and/or Business Continuity Planning facilitate how a company will keep functioning after a disruptive event until its normal facilities are restored. 

- more info

---

Network Disaster Recovery and Business Continuity CIO's Concern

In addition to the lack of a consoli­dated disaster recovery / business continuity plan  for the network management system, network operations are plagued by other problems:

• Network recovery plans are impacted by unanticipated traffic growth, configuration issues; link overloads due to traffic rerouted around failed network elements, and more.
• Changes may lead to undocumented side effects, so understanding the impact of changes before making them is essential for reliable network operations.
• The monotonous work of making simple changes to hundreds or thousands of devices or objects is error prone and often difficult to reproduce in the recovery mode.

To add to the pressure, network operations teams are expected to run larger networks that have become many times more important to the business, and to do so with fewer staff members. These con­ditions exacerbate the problems associated with disparate disaster recovery and business continuity plans.

 

- more info