presented by steve shofner cisa cgeit 1 the material
play

Presented by: Steve Shofner, CISA, CGEIT 1 The material appearing - PowerPoint PPT Presentation

Nov 20, 2023 •588 likes •921 views

Disaster Recovery Planning: Is Your Plan in Place? Presented by: Steve Shofner, CISA, CGEIT 1 The material appearing in this presentation is for informational purposes only and is not legal or accounting advice. Communication of this

  1. Disaster Recovery Planning: Is Your Plan in Place? Presented by: Steve Shofner, CISA, CGEIT 1

  2. The material appearing in this presentation is for informational purposes only and is not legal or accounting advice. Communication of this information is not intended to create, and receipt does not constitute, a legal relationship, including, but not limited to, an accountant-client relationship. Although these materials may have been prepared by professionals, they should not be used as a substitute for professional services. If legal, accounting, or other professional advice is required, the services of a professional should be sought. 2

  3. AGENDA • What is a Disaster? • Disaster Recovery vs. Business Continuity • Drivers for Having a Disaster Recovery Plan • How Do You Get Started? • Disaster Recovery Plan Structure • Key Considerations • Testing the Disaster Recovery Plan • Resources • Questions? 3

  4. DISASTERS Sudden, calamitous event that brings great damage, loss or destruction. ( Source: Merriam-Webster dictionary ) Natural Man-Made Technological • Earthquake • Riots • Database corruption • Flood • War • Hacking • Hurricane • Terrorism • Viruses • Drought • Power outages • Internet worms • Twister • Sprinkler system bursts • Tsunami • Equipment sabotage • Cold/Heat wave • Arson • Thunderstorm • Epidemic • Mudslide • Pollution • Transportation accident • Food poisoning 4

  5. “DISASTERS” COME IN ALL SIZES Large Small 5

  6. OBJECTIVES OF DISASTER RECOVERY VS. BUSINESS CONTINUITY • Disaster Recovery – Successfully recover IT systems in the shortest timeframe possible • Business Continuity – Continue critical business functions in the absence of key resources (considering customers, suppliers, regulators, and others) 6

  7. DRIVERS FOR HAVING A DISASTER RECOVERY PLAN • High availability of data is required by your industry • Regulatory requirements o Federal Emergency Management o Government Contractor • Contractual obligation with a business partner • Makes good business sense! 7

  8. HOW DO YOU GET STARTED? • Conduct a Risk Assessment • Identify critical data • Conduct a Business Impact Analysis (BIA) • Create a data backup process • Determine resources needed during a recovery effort 8

  9. CONDUCT A RISK ASSESSMENT Consider the risks to your organization and the probability of each happening: Natural Man-Made Technological • Earthquake • Riots • Database corruption • Flood • War • Hacking • Hurricane • Terrorism • Viruses • Drought • Power outages • Internet worms • Twister • Sprinkler system bursts • Tsunami • Equipment sabotage • Cold/Heat Wave • Arson • Thunderstorm • Epidemic • Mudslide • Pollution • Transportation Accident • Food Poisoning 9

  10. COMMON PLANNING PITFALL • You do not need to develop individual contingencies for each type of risk/disaster. • Focus on the absence of key resources, such as (but not limited to) data, regardless of the reason. (for this presentation, we will focus on data) 10

  11. IDENTIFY CRITICAL DATA (RESOURCES) Evaluate processes with owners, identifying how/where critical data is input from, processed, stored, and exported to:  What type (s) of data is required?  What type(s) are key / critical?  When, how, and where is data input from?  Who owns that data?  What processing happens with that data?  Where is the data stored (e.g., systems involved, storage area networks, other media)?  When, where, and how is data exported? 11

  12. BUSINESS IMPACT ANALYSIS (BIA) • Identifies business units, operations, and processes essential to the survival of the business. • Considerations:  Life or death situation  Potential for significant loss of revenue  Obligations to external parties may be jeopardized  Quantify impacts where possible • Determine:  RTO – Recovery time objective  RPO – Recovery point objective  Critical for determining the order and priority of system recovery 12

  13. DATA BACKUPS • Questions to ask:  Is your data backed up?  How often?  Where? (network storage, tape media, offsite/onsite)  How is it stored and is it adequately secured?  Is the restoration process tested? Regularly? How often? • Work with IT staff to identify the critical resources required to recreate the data (includes hardware, database software, operating system, application configuration data, backed-up data, etc.) 13

  14. IDENTIFY RESOURCES REQUIRED FOR RECOVERY EFFORT Alternate recovery site (co-location facilities, hotel meeting rooms, • executive suites, etc.) o Hot / Warm / Cold? Server equipment (virtualized or physical, type/model, hardware • configuration, storage equipment) o How quickly can equipment be purchased and acquired? Software including operating system type, database environment, • application, and configuration settings. Backup management software • Backup media equipment (backup equipment – LTOs, SDLT, DDS) • Backup media • Connectivity (Internet, VPNs/links to partners, extranets) • Critical IT staff (System Administrators, Database Administrators) • 14

  15. CLOUD CONSIDERATIONS Your Network Cloud Provider Organization (SaaS, PaaS, IaaS) Network Cloud Provider (SaaS, PaaS, IaaS) 15

  16. CLOUD SERVICE CONSIDERATIONS Your Cloud Service Data Center Organization Provider Provider Tier 1 Outsourced Support Software Development 16

  17. CLOUD MANAGEMENT CONSIDERATIONS • Understand the vendor’s environment • Understand the vendor’s disaster recovery / business continuity plan o DR is often separate from service level agreements (e.g., 99.999% uptime) in many agreements, which often have disaster / force majeure (‘acts of God’) exceptions. Understand what guarantees they provide in DRP/BCP situations. o Obtain and review a Service Organization Controls (SOC) report • Ensure there is an audit clause in your agreement 17

  18. DISASTER RECOVERY PLAN STRUCTURE • Assumptions (communications infrastructure in place, primary location still available, primary IT staff available) • Roles and Responsibilities • Declaration of a Disaster • Equipment Salvage (procurement) • System Recovery Process (alternate site) • Resumption at Primary Site • Declare End of Disaster (debrief) 18

  19. CONSIDERATIONS Key staff (and/or vendors) may or may not be available during the • recovery effort o Plan for Primary, Secondary, Tertiary, others o Ensure adequate decision-making and spending authority in advance • Communications and infrastructure for the region may/may not be functioning • Escalation plan and related timelines Recovery procedures should provide enough detailed so that • alternate resources can follow if needed Recover all vs. subset of the required systems to meet critical (not • all) business processes There will be performance degradation • Functionality may be limited • 19

  20. ROLES AND RESPONSIBILITIES The Disaster Recovery Team includes… Disaster Recovery • C-level individual or manager who directs the teams and Coordinator serves as the leader of the recovery efforts • C-level manager, legal counsel or similar spokesperson Media/Communications who ensures a consistent message is communicated to Representative the media • IT and business unit staff who assess the equipment to Salvage Team determine if damage is minimal or extensive, and if new equipment needs to be procured • IT team responsible for system rebuilding and data Recovery Team restoration • The secondary individuals who can assume the role of Backup Support Staff the primary who may not be available 20

  21. DECLARATION OF A DISASTER • Criteria for invoking the disaster recovery plan  Severe disruption to service  Potential for major data loss  Data security may have been compromised • Initiating the call tree process  Disaster Recovery Coordinator starts the notification and activates the other teams involved in the recovery effort  Business unit managers responsible for notifying their teams 21

  22. GET THE WORD OUT! • Key Stakeholders: • Communication Channels: o Customers o Intranet o Employees o Externally-hosted website (consider mobile) o Suppliers o Phone o Insurance providers o Automated phone service o Civic agencies (e.g., (call-out, dial-in, or both) Police, Fire, National Guard) o Print media o Local media o Mail o Bulletin board 22

  23. DISASTER RECOVERY ACTIVITIES - EQUIPMENT SALVAGE • Primary site may be available, but access is restricted due to danger • Survey damage to assets for insurance purposes • Determine if anything can be saved or serviced by the vendor immediately • Device/Server support agreements need to be leveraged • Test potentially damaged systems before relying on them for recovery operations • Initiate emergency procurement process for immediate hardware, software, and appliance needs 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

IT Vendor Due Diligence Jennifer McGill CIA, CISA, CGEIT IT Audit Director Carolinas HealthCare

IT Vendor Due Diligence Jennifer McGill CIA, CISA, CGEIT IT Audit Director Carolinas HealthCare

IT Vendor Due Diligence Jennifer McGill CIA, CISA, CGEIT IT Audit Director Carolinas HealthCare System December 9, 2014 Carolinas HealthCare System (CHS) Second largest not-for-profit healthcare system in the nation Largest healthcare

335 views • 19 slides
INFORMATION SECURITY A DAY IN THE LIFE WHO AM I? Security officer for MIE CISSP , CISA,

INFORMATION SECURITY A DAY IN THE LIFE WHO AM I? Security officer for MIE CISSP , CISA,

INFORMATION SECURITY A DAY IN THE LIFE WHO AM I? Security officer for MIE CISSP , CISA, CGEIT, CRISC, CRMA, PMP , FLMI and studying for CISM RMR and JA Interactive session share stories THREAT SOURCES Nation States

491 views • 26 slides
Cloud Computing in the Banking Sector of the Euro-area George Papoulias, CGEIT, ITIL Expert,

Cloud Computing in the Banking Sector of the Euro-area George Papoulias, CGEIT, ITIL Expert,

Cloud Computing in the Banking Sector of the Euro-area George Papoulias, CGEIT, ITIL Expert, CRISC, CISA, Price2P, COBIT Senior Management Advisor, CISO & CDO Office National Bank of Greece Vice Chair, itSMF Hellas 16 th- 17 th of May 2018

702 views • 22 slides
Demystifying CyberSecurity & BScDA, CPA, Preparing for the Board Room CGA, CISA, CISSP,

Demystifying CyberSecurity & BScDA, CPA, Preparing for the Board Room CGA, CISA, CISSP,

Rick Ouellette, Demystifying CyberSecurity & BScDA, CPA, Preparing for the Board Room CGA, CISA, CISSP, CGEIT Find me on LinkedIn: rick-ouellette-5b1573a Consider Perspectives Source: https://cdn-images-

186 views • 16 slides
King Faisal University Deanship of IT Strategic IT Plan 2011 2015 Dr. Mohammed S.

King Faisal University Deanship of IT Strategic IT Plan 2011 2015 Dr. Mohammed S.

King Faisal University Deanship of IT Strategic IT Plan 2011 2015 Dr. Mohammed S. Al-Zahrani, Dean of Information Technology Prepared & Presented by M. Shahul Hameed, MBA, M.Sc.IT, CMA, CIA, PMP, CGEIT, CISA, CISM, ITSM(ITIL),

634 views • 44 slides
Efficient Nonmyopic Active Search Jiang, Malkomes, Converse, Shofner, Moseley and Garnett STA

Efficient Nonmyopic Active Search Jiang, Malkomes, Converse, Shofner, Moseley and Garnett STA

Efficient Nonmyopic Active Search Jiang, Malkomes, Converse, Shofner, Moseley and Garnett STA 4273/CSC 2547 Paper Presentation Presented by: Zain Hasan & Daniel Hidru Active Search Sequentially locating as many members of a particular

320 views • 21 slides
Biography Tom Wilson, CISA, PMP Tom Wilson, CISA, PMP, is an Information Technology Auditor with

Biography Tom Wilson, CISA, PMP Tom Wilson, CISA, PMP, is an Information Technology Auditor with

Biography Tom Wilson, CISA, PMP Tom Wilson, CISA, PMP, is an Information Technology Auditor with the City of Fort Worth, Texas, and has served in that role since June 2015. His primary responsibilities include conducting a variety of

516 views • 34 slides
Staying at the Forefront of Cybersecurity Threats Presented by: John Hock, CPA, CITP, CISA, SOC

Staying at the Forefront of Cybersecurity Threats Presented by: John Hock, CPA, CITP, CISA, SOC

2019 Annual Leadership Conference September 25 -27, 2019 Staying at the Forefront of Cybersecurity Threats Presented by: John Hock, CPA, CITP, CISA, SOC IT Audit Manager Objectives How scary is it? Pervasiveness Cost Identify

782 views • 53 slides
Minimizing Business Disruption After a Cyberattack Cyber Security Challenges, Threats and

Minimizing Business Disruption After a Cyberattack Cyber Security Challenges, Threats and

1 Minimizing Business Disruption After a Cyberattack Cyber Security Challenges, Threats and Strategies Symposium University of Bahrain 21 st September 2016 By: Ahmed Albalooshi, CISA, CISM, CGEIT. First Vice President IT Al Baraka Banking

200 views • 15 slides
Internal Controls Presented by: Patrick Cowen, CPA, CIA, CISA Why Internal Controls? Prevent

Internal Controls Presented by: Patrick Cowen, CPA, CIA, CISA Why Internal Controls? Prevent

Internal Controls Presented by: Patrick Cowen, CPA, CIA, CISA Why Internal Controls? Prevent and Detect Fraud, Waste and Abuse Motive + Opportunity + Justification = Fraud 2 What Are Internal Controls? Internal Control is a process set by

547 views • 42 slides
Identity & Access Management in an Academic Environment Webinar May 17, 2018 Johan Lidros

Identity & Access Management in an Academic Environment Webinar May 17, 2018 Johan Lidros

Identity & Access Management in an Academic Environment Webinar May 17, 2018 Johan Lidros CISA, CISM, CGEIT, CRISC, HITRUST CCSFP, ITIL-F President Eminere Group 2 3 4 5 Presenter Johan Lidros, Founder and President of Eminere

901 views • 58 slides
The new UK Financial Reporting regime Presented by Steve Carlyle steve@clearlytraining.co.uk

The new UK Financial Reporting regime Presented by Steve Carlyle steve@clearlytraining.co.uk

The new UK Financial Reporting regime Presented by Steve Carlyle steve@clearlytraining.co.uk www.clearlytraining.co.uk AAT is a registered charity. No. 1050724. Course Outline Background to changes in UK Accounting IFRS: Where are we?

717 views • 49 slides
Making the Most of Your EGSA Membership Presented by Steve Stoyanac Steve Stoyanac EGSA

Making the Most of Your EGSA Membership Presented by Steve Stoyanac Steve Stoyanac EGSA

Making the Most of Your EGSA Membership Presented by Steve Stoyanac Steve Stoyanac EGSA Membership 1 Ongoing Membership Programs On-Site Power Schools offering Continuing Education Units (CEUs) EGSA Conferences and Conventions

383 views • 9 slides
EFFICIENT NONMYOPIC ACTIVE SEARCH Shali Jiang, Gustavo Malkomes, Geoff Converse, Alyssa Shofner,

EFFICIENT NONMYOPIC ACTIVE SEARCH Shali Jiang, Gustavo Malkomes, Geoff Converse, Alyssa Shofner,

EFFICIENT NONMYOPIC ACTIVE SEARCH Shali Jiang, Gustavo Malkomes, Geoff Converse, Alyssa Shofner, Roman Garnett, Benjamin Moseley Washington University in St. Louis 12.10.16 1. ACTIVE SEARCH Finding interesting points Active search 1 In

615 views • 22 slides
Challenges presented in Workshop 1 How are we doing? Presented by: Steve Abelman, Manager, FAA

Challenges presented in Workshop 1 How are we doing? Presented by: Steve Abelman, Manager, FAA

Challenges presented in Workshop 1 How are we doing? Presented by: Steve Abelman, Manager, FAA Aviation Weather Research Team Date: Sep 3, 2014 Overview During the last workshop, a series of considerations and/or challenges

373 views • 22 slides
Presented by Peter Fortunato BNNs Risk and Business Advisory Team Peter Fortunato; CISM,

Presented by Peter Fortunato BNNs Risk and Business Advisory Team Peter Fortunato; CISM,

Presented by Peter Fortunato BNNs Risk and Business Advisory Team Peter Fortunato; CISM, CISA, CISSP Comptia Security+ ISACA CISA Certified Information Security Auditor CISM Certified Information Security

775 views • 46 slides
INTRODUCTION: Environmental Health Officer. Generally employed by local Council / local health

INTRODUCTION: Environmental Health Officer. Generally employed by local Council / local health

INTRODUCTION: Environmental Health Officer. Generally employed by local Council / local health authority undertake many roles in the community focussed on community health and safety. Local Government has been delegated the responsibility for

442 views • 21 slides
PRESENTATION OF THE NATURAL PASTEURIZATION PROCESS THE CHANGING FOOD SAFETY ENVIRONMENT

PRESENTATION OF THE NATURAL PASTEURIZATION PROCESS THE CHANGING FOOD SAFETY ENVIRONMENT

PRESENTATION OF THE NATURAL PASTEURIZATION PROCESS THE CHANGING FOOD SAFETY ENVIRONMENT Microorganisms are naturally present in low moisture food products (e.g. salmonella prevalence > 2% in raw agricultural products) Pathogenic

586 views • 19 slides
NACC South West Region Spring Seminar 19 March 2015 Tracey Smith Foodborne Disease Control

NACC South West Region Spring Seminar 19 March 2015 Tracey Smith Foodborne Disease Control

NACC South West Region Spring Seminar 19 March 2015 Tracey Smith Foodborne Disease Control FSA Foodborne Disease Strategy Campylobacter Risk Management Programme Listeria Risk Management Programme Other pathogens Acting on

492 views • 21 slides
My Fellows wshi hip Achi hievem evements nts Benon n Kwesiga a MBChB, MPH PHFP Fellow

My Fellows wshi hip Achi hievem evements nts Benon n Kwesiga a MBChB, MPH PHFP Fellow

Public Health Fellowship Program Field Epidemiology Tra ck My Fellows wshi hip Achi hievem evements nts Benon n Kwesiga a MBChB, MPH PHFP Fellow Cohort t 2015 Host Site: MoH - Divi vision of Health Information Mandate To

1.1k views • 29 slides
Bacteria Bust! What is Bacteria? Why would we want to grow bacteria in a dish? What is the

Bacteria Bust! What is Bacteria? Why would we want to grow bacteria in a dish? What is the

Bacteria Bust! What is Bacteria? Why would we want to grow bacteria in a dish? What is the question? What is the question? Are there more bacteria on my hand or my shoe? What area of the classroom has the most bacteria? How much bacteria

172 views • 15 slides
Food Hygiene Food Hygiene The NHS report 96,000 cases of foodborne illnesses in a year

Food Hygiene Food Hygiene The NHS report 96,000 cases of foodborne illnesses in a year

Food Hygiene Food Hygiene The NHS report 96,000 cases of foodborne illnesses in a year resulting in 20,000 hospitalisations & 500 deaths. The FSA estimates a total of 850,000 cases per year. 5.5 million people a year believe they

450 views • 13 slides
Professor Lynn Frewer Food Safety and Consumer Behaviour Emerging societal issues in the

Professor Lynn Frewer Food Safety and Consumer Behaviour Emerging societal issues in the

Consumer perceptions of risk, benefit, Transparency: The way to enhance effective uncertainty and cost risk communication Contextualizing consumer attitudes towards food safety issues Professor Lynn Frewer Food Safety and Consumer Behaviour

430 views • 5 slides
1 Food Safety Facts 2 and 4 million illnesses occur each year in the U.S. from the more than

1 Food Safety Facts 2 and 4 million illnesses occur each year in the U.S. from the more than

In-Home Food Safety Amanda Ruth Emily Eubanks Emily Rhoades June 3, 2003 Food Safety Facts Between 6.5 million and 81 million cases of foodborne illness a year (May 1996, GAO) 6.5 million to 33 million cases of foodborne illness occur

520 views • 7 slides

More recommend