Join Our Mailing List
Email:
DRP and Security

Experts Agree You Should Update Your Plan Annually

It goes without saying that every company, regardless of size, needs a concise business continuity plan in case of an emergency. If you don't have a disaster recovery plan or haven't updated yours recently, now is the time to take this critical step to protect your business.

At the same time there are more security requirements that need to be met.  Executive management is depending on you to have the right security policies and procedures in place.

Chief Information Officers and Chief Security Officers need to have DRP and Security policies and procedures in place that address all of the issues of management and these templates meet this need.

Order

Disaster Planning Business Continity News

 

Below are the top 5 stories from the Active News Feeds created by Janco Associates for issues on disaster planning and business continuity

 

Disaster Planning Business Continuity News

ISO 17799 - disaster recovery - business continuity defined

SO 17799 is often used as a generic term to describe what are actually two different documents: ISO17799 (also ISO 27002), which is a set of security controls (a code of practice), and ISO 27001 (formerly BS7799-2), which is a standard 'specification' for an Information Security Management System (an ISMS).

DRP Security Template  DRP BCP Audit

ISO 17799 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 17799:2005 contains best practices of control objectives and controls in the following areas of information security management:

  • security policy;
  • organization of information security; 
  • asset management;
  • human resources security;
  • physical and environmental security;
  • communications and operations management;
  • access control;
  • information systems acquisition, development and maintenance;
  • information security incident management;
  • business continuity management;
  • compliance.

The control objectives and controls in ISO/IEC 17799 are intended to be implemented to meet the requirements identified by a risk assessment. ISO/IEC 17799 is intended as a common basis and practical guideline for developing organizational security standards and effective security management practices, and to help build confidence in inter-organizational activities

- more info

Disaster Planning is Complex

An increasing number of professionals know that small-scale emergencies can be contained if staff members are prepared to react quickly. Damage can be limited even in the face of a large-scale disaster. For example, cultural institutions in Charleston, South Carolina, formed a consortium that focused on disaster preparedness several years before they were hit by a hurricane. Many of those institutions sustained only minor damage because they were able to put their early warning procedures into operation.

Disaster planning is complex; the written plan is the result of a wide range of preliminary activities. The entire process is most efficient if it is formally assigned to one person who acts as the disaster planner for the institution and is perhaps assisted by a planning team or committee. The enterprise's director may play this primary role or may delegate the responsibility, but it is important to remember that the process must be supported at the highest level of the organization if it is to be effective. The planner should establish a timetable for the project and should define the scope and goals of the plan, which will depend largely on the risks faced by the enterprise.

- more info

Disaster recovery business continuity team leader tasks

The tasks that the leader of a disaster recovery business continuity project needs to complete are:

  •  Establish BC program lifecycle processes within your organization
  • Assess business and technology requirements for a BC plan
  • Evaluate business continuity risks to your organization
  • Identify and select cost-effective BC recovery strategies
  • Organize an effective BC team
  • Develop a BC plan document
  • Coordinate BC plan with external entities
  • Develop an effective test plan for testing the BC plan
  • Organize and conduct successful BC plan tests
  • Establish a process for maintaining the BC plan
  • Implement a BC plan change management process
  • Understand the main differences between a disaster recovery plan, emergency response plan, crisis management plan, and business continuity plan
- more info

Business continuity after a terroist attack or a pandemic

Most aspects of business continuity and disaster recovery planning apply to terrorist attacks and pandemics just as much as to fires, hurricanes, floods, earthquakes, and other natural and manmade disasters.  Business Continuity However, there are a number of areas that need to be re-visited because of the uniqueness of these types of interruptions. 

  • Communication - While communication is important in any disaster recovery scenario, it is particularly critical in the event of a terrorist attack or a pandemic. Employees and their families may be personally threatened, and they may be exposed to rumors and panics, it is particularly important that they receive accurate, up-to-date information on safety and health issues. Employees also need detailed information on company policies and procedures for working in the new environment, and open communication channels to company officials to help resolve personal and work-related issues in high-stress situations.
  • Security and Connectivity - Enterprises must plan to provide secure and reliable access to corporate networks for employees who work in their homes, hotels, or other remote locations. Administrators must have a plan for distributing software to remote computers, ensuring security on computers outside of the corporate firewall, and providing backup and data encryption capabilities to mitigate the risk of mobile devices with sensitive data being lost or stolen.
  • Collaboration and Re-Engineered Processes - Planners and developers must re-engineer business processes so they can continue without face-to-face interaction between employees.

 

- more info

Business continutiy defined

Disaster Recovery Plan Template
In the simplest of terms, it is good business for a company to secure its assets. CIO under the direction of CEOs and enterprise shareholders must be prepared to budget for and secure the necessary resources to support business continuity.

It is necessary that an appropriate administrative structure be created to effectively deal with crisis management. This will ensure that all concerned understand who makes decisions, how the decisions are implemented, and what the roles and responsibilities of participants are. Personnel used for crisis management should be assigned to perform these roles as part of their normal duties and not be expected to perform them on a voluntary basis. Regardless of the organization - for profit, not for profit, faith-based, non-governmental - its leadership has a duty to stakeholders to plan for its survival.

OrderDownload Table of Contents

With the explosion of technology into every facet of the day-to-day business environment there is a need to define an effective infrastructure to support operating environment; have a strategy for the deployment and technology; and clearly define responsibilities and accountabilities for the use and application of technology.

The template comes as both a WORD document utilizing a CSS style sheet that is easily modifiable. 

- more info