Beruflich Dokumente
Kultur Dokumente
4-1
Outline
The Business Continuity Management Program Components Of The Emergency Response Plan Components Of The Disaster Recovery Plan Components Of The Business Contingency Plan Components Of The Crisis Management Plan
4-2
Communications
Student Services Grants and Endowments General Administration & Finance
4-3
CMP Crisis Management Plan: Steps Taken To Manage The Event To Ensure That
Order Is Maintained, Employee Assistance Is Being Provided, Proper Information Is Being Disseminated By Appropriate Representatives, Action Items Are Effectively Escalated, And Ongoing Internal And External Notifications Are Consistent.
4-4
Working Components
Response - Notifications, assessments, escalations, declarations, etc. (established procedures) Recovery/Relocation - Mobilization, Quick-ship, Infrastructure, Network and Data recovery, etc.. Movement of staff, patients, and business units to alternate facilities (flexibility and adaptability)
Resumption - of Business Operations and I.T. functionality (business units must synch up processes and resume operations at an alternate site)
Re-assessment - of situation, strategies, planning, reactions (input from all involved parties) Restoration - Movement back to home site and/or normal operations (reconstituted at restored site by I.T. and/or Business Units
4-5
First Response
Notification
Escalations
Declarations
4-6
4-8
4-9
I.S. Infrastructure
Applications Analysis
Network Infrastructure
Opens Systems
Documentation
Hardware Systems
Databases
TSO/CICS Test Criteria/Objectives
Owned Equipment DR Vendor Equipment Connectivity Requirements Test Criteria/Objectives Remote Access Parameters Define rogue FTPs Identified Network Services
4 - 10
Emergency Management
Coordinate Control Fund Approve
Recovery
TEST
TEST
TEST
TEST
4 - 12
4 - 13
Assessor Database
Internal Solution
External Solution
Centralized DR Model
-Traditional Offsite Storage -Hotsite Location Approx 100 Miles From Primary Site -T1 Connection Between Hotsite and Local Internal Solution 4 - 15
1 To 24 Hours
Important 3
24-72 Hours
Deferrable 4
> 72 Hours. May not be recovered until migration to the warm site, or the original site is repaired
Standard backups and restore procedures typical of component failures. Backups via tape.
4 - 17
Enterprise Services
Engineering Services
Applications
Network Services
Desktop Computing
Decentralized
I.T. Disaster Recovery Plans
Data Ctr 1
Data Ctr 2
Data Ctr 3
Telelcomm Cabinet
Network POP
Open System 1
Open System 2
Remote Site 1
Remote Site 2
Relays/Router s/Switches
Database
I.T. Disaster Recovery Plan Table of Contents I.T. Overview.1 Call List/Escalation Tree..8 Team Summaries.12 Response Phase Checklist..15 Recovery Phase Checklist..17 Resumption Phase Checklist..24 Restoration Phase Checklist..28 Equipment Inventory.38 Alternate Site Disaster Declaration Procedures..39 Mobilization Procedures43
The Impact Of An I.T. Outage Affects Not Only I.T. But All Departments and Business Functions Supported By I.T.
4 - 19
DRP Disaster Recovery Plan: Steps taken to restore specified infrastructure requirements such as Information Systems, business equipment environments, internal and external network connections, and data structures utilizing alternate resources for hardware, software, data, and networks.
- Hardware - Data and Data Structures - Networks - Production Support - System Software - Applications - Desktop Services
BCP Business Contingency Plan: Steps taken to restore alternate business processes in the event that automated processes or business infrastructures are unavailable, employing documented workaround and/or manual procedures and alternate resources.
- Relocation of Personnel - Availability of remote support services and network connections - Contingency office space
4 - 20
Steps taken to restore alternate business processes in the event that automated processes or business infrastructures are unavailable, employing documented workaround and/or manual procedures and alternate resources.
4 - 21
Alternate Resources
I.T. Workarounds Logistics Personnel & Skill Sets Manual Business Processes Location(s) Facilities Alternate Data Capture Transportation Vendors Personnel Hardware/Software Communications
4 - 23
Loss of I.T Services or Resources Loss of Functional Support Personnel Loss of Facility Loss of Network Connectivity Loss of Voice Communications Loss of 3rd Party Suppliers Loss of Business Partners
4 - 24
Identify key functional components to establish the business environment Define the alternate process requirements for each component Ensure interdependent business processes are identified and can be synched up Define minimal processing requirements for each component
TEST
TEST
TEST
TEST
4 - 25
4 - 26
Department 1
Location 1 Location 2 Location 3 Location 4
Department 2
Location 1 Location 2 Location 3 Location 4
Department 3
Location 1 Location 2 Location 3 Location 4
Department 4
Location 1 Location 2 Location 3 Location 4
Department 5
Location 1 Location 2 Location 3 Location 4
Department 6
Location 1 Location 2 Location 3 Location 4
Department 7
Location 1 Location 2 Location 3 Location 4
Location 1
1st Flr Unit #1 Unit #2 Unit #3 Unit #4 2nd Flr Unit #1 Unit #2 Unit #3 Unit #4 3rd Flr Unit #1 Unit #2 Unit #3 Unit #4 4th Flr Unit #1 Unit #2 Unit #3 Unit #4
Location 2
1st Flr Unit #1 Unit #2 Unit #3 Unit #4 2nd Flr Unit #1 Unit #2 Unit #3 Unit #4 3rd Flr Unit #1 Unit #2 Unit #3 Unit #4 4th Flr Unit #1 Unit #2 Unit #3 Unit #4
Location 3
1st Flr Unit #1 Unit #2 Unit #3 Unit #4 2nd Flr Unit #1 Unit #2 Unit #3 Unit #4 3rd Flr Unit #1 Unit #2 Unit #3 Unit #4 4th Flr Unit #1 Unit #2 Unit #3 Unit #4
Location 4
1st Flr Unit #1 Unit #2 Unit #3 Unit #4 2nd Flr Unit #1 Unit #2 Unit #3 Unit #4 3rd Flr Unit #1 Unit #2 Unit #3 Unit #4 4th Flr Unit #1 Unit #2 Unit #3 Unit #4
Location 5
1st Flr Unit #1 Unit #2 Unit #3 Unit #4 2nd Flr Unit #1 Unit #2 Unit #3 Unit #4 3rd Flr Unit #1 Unit #2 Unit #3 Unit #4 4th Flr Unit #1 Unit #2 Unit #3 Unit #4
Location 6
1st Flr Unit #1 Unit #2 Unit #3 Unit #4 2nd Flr Unit #1 Unit #2 Unit #3 Unit #4 3rd Flr Unit #1 Unit #2 Unit #3 Unit #4 4th Flr Unit #1 Unit #2 Unit #3 Unit #4
Location 7
1st Flr Unit #1 Unit #2 Unit #3 Unit #4 2nd Flr Unit #1 Unit #2 Unit #3 Unit #4 3rd Flr Unit #1 Unit #2 Unit #3 Unit #4 4th Flr Unit #1 Unit #2 Unit #3 Unit #4
4 - 28
Database
I.T. Disaster Recovery Plan Table of Contents Business Unit Overview.1 Call List/Escalation Tree..8 Team Summaries.12 Response Phase Checklist..15 Mobilization Phase Checklist.17 Resumption Phase Checklist..24 Restoration Phase Checklist..28 Equipment Inventory.38 Alternate Site Disaster Declaration Procedures..39 Mobilization Procedures43
Import Templates
Develop BCPs Flexibility when producing BCPs..or executing BCPs Show me all Plans by Department. Show me all Plans by Building..
Event Analysis
Reaction Planning
Communications
Documentation
Catastrophic Events Criminal Events Disease/Epidemics Technological or Safety Utility or Structural Weather Personal vs. Professional
Emotional Assistance Addressing Traumatic Stress Family Assistance Pgms Professional Assistance Provide Information & Counseling Post Incident Follow-up
Local Media Employees Local Authorities Openness Accuracy Balance Designate a point person Continuous Flow
Employee Checklists And Action Plans Press Release Data Employee Notification Mechanisms
4 - 34
Components Of The Crisis Management Plan 9/11/01 irrevocably changed the landscape of Crisis Management Planning forever
Planning: Single Event Institution & Regional Planning: All Hazards Plans
4 - 36
GENERAL
Communications Timely/Accurate Information Lack of coordination between entities and with external agencies Inadequate threat awareness
DISASTER-RELATED
Loss/Lack of communications Loss or degradation of physical plant Depletion of resources Loss of staff Training
4 - 37
Large events
Focus on politics or finance Requires input from multiple sources
Federal
Fire/EMS/OES Law Enforcement Health Dept./Hazmat Hospitals State Health Dept. State OES/DHS Hospitals
Federal Emergency Mgmt Agency CDC Military Collaboration Individual Plans Supplement/Complement Broader Plans Clinical Care Response Public Health Response
4 - 40
Private Sector
State
And if the organization has an effective Business Continuation Program, not only can it assure that its goals and objectives will be met..but will also become a valued partner in the protection of the larger infrastructure..
4 - 41