l008 disaster recovery plan (2016)
TRANSCRIPT
DISASTER RECOVERY PLAN
MANAGING INFORMATION SYSTEMS IN ORGANIZATIONSPrepared by: Jan Wong Download at: www.slideshare.net/janwong
DISASTER RECOVERY IS A CHALLENGE FOR ORGANIZATIONS.BUSINESS CONTINUITY IS AT STAKE.
IT IS NOT POSSIBLE TO PROTECT AGAINST EVERY RISK!
IT IS NOT POSSIBLE TO PROTECT AGAINST EVERY RISK!THAT’S WHY COMPANIES USES A RISK MANAGEMENT APPROACH
Step 1: Assessment of Assets
Step 2: Vulnerability of Assets
Step 3: Loss Analysis
Step 4: Protection Analysis
Step 5: Cost-Benefit Analysis
Step 1: Assessment of Assets
Step 2: Vulnerability of Assets
Step 3: Loss Analysis
Step 4: Protection Analysis
Step 5: Cost-Benefit Analysis
• It helps to identify threats. • It helps to select cost-
effective controls via a cost benefit analysis.
• Formulates a business continuity plan to recover from a major disaster.
5-STEP RISK MANAGEMENT APPROACH
Step 1: Assessment of Assets
Step 2: Vulnerability of Assets
Step 3: Loss Analysis
Step 4: Protection Analysis
Step 5: Cost-Benefit Analysis
STEP 1Determine the value and importance of assets such as data, hardware, software and networks.
“List down all assets and its value including even staff, facilities, business information, cost of replacement and loss of use.”
Step 1: Assessment of Assets
Step 2: Vulnerability of Assets
Step 3: Loss Analysis
Step 4: Protection Analysis
Step 5: Cost-Benefit Analysis
STEP 2Recorded the weaknesses in the current protection system in view of all potential threats.
“List down all potential threats that can happen to the assets by reviewing current systems.”
Step 1: Assessment of Assets
Step 2: Vulnerability of Assets
Step 3: Loss Analysis
Step 4: Protection Analysis
Step 5: Cost-Benefit Analysis
STEP 3Assess the probability of damage and specify the tangible and intangible losses that may result.
“List down the cost of damage to the assets.”
Step 1: Assessment of Assets
Step 2: Vulnerability of Assets
Step 3: Loss Analysis
Step 4: Protection Analysis
Step 5: Cost-Benefit Analysis
STEP 4Provide a description of available controls that should be considered, their probability of successful defence and costs.
“List down all assets and its value.”
Step 1: Assessment of Assets
Step 2: Vulnerability of Assets
Step 3: Loss Analysis
Step 4: Protection Analysis
Step 5: Cost-Benefit Analysis
STEP 5Compare cost and benefits. Consider the likelihood of damage occurring and the successful protection from that damage. Finally, decide which controls to install.
“Compare the cost required and the benefits to decide.”
Step 1: Assessment of Assets
Step 2: Vulnerability of Assets
Step 3: Loss Analysis
Step 4: Protection Analysis
Step 5: Cost-Benefit Analysis
IF YOU CAN’T CONTROL THEM, BACK UP!SYSTEM FAILURE CAN CAUSE MINOR IRRITATIONS TO BUSINESS CLOSEDOWN.
TYPES OF BACKUP METHODSTO ENSURE BUSINESS CONTINUITY
3
TYPES OF BACKUP METHODS
3 1. CONTINUOUS BACKUP • Periodic in partial data increments • Can be local / remote
2. FULL BACKUP • Periodic in complete data copy • Can be local / remote
3. MIRROR BACKUP • Instant replica of data • Can be local / remote
DISASTER RECOVERY CONCEPTS
TO ENSURE BUSINESS CONTINUITY2
DISASTER RECOVERY CONCEPTS
2 1. HOTSITE VENDORS • External vendors that provides
access to a fully configured backup centre.
• Able to instantly ‘hot swap’. 2. COLDSITE VENDORS
• Provide empty space with special flooring, ventilation and facilities.
• In emergency, companies move to the coldsite.
Questions, anyone?