Disaster recovery business continuity planning 19 november 2013
This presentation is the property of its rightful owner.
Sponsored Links
1 / 13

Disaster Recovery & Business Continuity Planning 19 NOVEMBER 2013 PowerPoint PPT Presentation


  • 73 Views
  • Uploaded on
  • Presentation posted in: General

Disaster Recovery & Business Continuity Planning 19 NOVEMBER 2013. JOELLE QUIAPO FOLA OYEDIRAN GREG SWENSON SUKHI BEDI CHENYU GONG. Disaster Recovery and Business Continuity Planning: Testing an Organization’s Plans What Every IT Auditor Should Know About Backup and Recovery

Download Presentation

Disaster Recovery & Business Continuity Planning 19 NOVEMBER 2013

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Disaster recovery business continuity planning 19 november 2013

Disaster Recovery & Business Continuity Planning19 NOVEMBER 2013

JOELLE QUIAPO

FOLA OYEDIRAN

GREG SWENSON

SUKHI BEDI

CHENYU GONG

Disaster Recovery and Business Continuity Planning: Testing an Organization’s Plans

What Every IT Auditor Should Know About Backup and Recovery

Auditing Business Continuity


Disaster recovery

Disaster Recovery

  • “More difficult to calculate are the intangible damages a company can suffer.”

  • “Disaster recovery efforts of the past were designed to provide backup options for centralized data centers. Disaster recovery efforts of the present multivendor, multiplatform environment require a plan designed for integrated business continuity.”

Disaster Recovery and Business Continuity Planning: Testing an Organization’s Plans


Question

Question…

What are the two main reasons why organizations do not test their disaster recovery plans regularly?

Answer…

  • Complacency

  • Costly


Business continuity planning

Business Continuity Planning

  • “Serious business interruptions are now measured in minutes rather than hours. Because electronic transactions and communications take place so quickly, the amount of work and business lost in an hour far exceeds the toll of previous decades.”

  • “A minor problem—a faulty hard drive or a software glitch—can cause the same level of loss as a power outage or a flooded data center if a critical business process is affected.”

  • “The key to business continuity lies in understanding one’s business and determining which processes are critical to staying in that business and identifying all the elements crucial to those processes.”

    • Specialized skills and knowledge

    • Physical facilities

    • Training and employee satisfaction

    • Information Technology

Disaster Recovery and Business Continuity Planning: Testing an Organization’s Plans


Disaster recovery business continuity planning 19 november 2013

http://www.novamind.com/blog/2011/articles/business-continuity/


Question1

Question…

What is the goal for companies with NO business tolerance for downtime?

Answer…

Achieve a state of business continuity where critical systems and networks are available no matter what happens.

Think proactively:

  • Engineering availability

  • Security and Reliability into business processes from the onset

  • Not retrofitting a disaster recovery plan to accommodate ongoing business requirements

Disaster Recovery and Business Continuity Planning: Testing an Organization’s Plans


Importance of testing

Importance of Testing

  • “Organizations must make an executive commitment to regularly test, validate and refresh their business continuity and disaster recovery programs to protect the organization against perhaps the greatest risk of all– complacency.”

http://www.bcm-institute.org/bcmi10/en/pr-library-2010-press-release/2011-press-release/696-mall-blast-incident-bcp-case-study


Risks

Risks

  • Complacency or unskilled personnel

  • Power Failure

  • IT System Crashes/ incompatible

  • New Equipment

  • No redundancy


Risks continued

Risks Continued…

Source: Emily Maltby, The Wall Street Journal, Nov 7, 2012.


Question2

Question…

Which of the following would be of MOST concern to an IS Auditor performing an audit of a disaster recovery plan (DRP)?

  • The DRP has not been tested

  • New team members have not read the DRP

  • The manager responsible for the DRP recently resigned

  • The DRP manual is not updated regularly

  • Answer…

  • A. The DRP has not been tested


Controls

Controls


As an auditor

As an Auditor…


Questions

Questions


  • Login