RSS News Feed Feed Description

 

Disaster Recovery Planning TemplateDisaster Recovery Planning Template
Business Continuity Plan
Sarbanes - Oxley - ISO 27000 (27001 & 27002) - HIPAA - PCI- Compliant

  

 

Disaster Recovery Audit ProgamThis Disaster Recovery Planning (DRP) template can be used by any size enterprise. The template and supporting material have been updated to be Sarbanes-Oxley compliant.  The Disaster Recovery Planning Documentation comes as a Word document and includes:

  • Disaster Recovery Plan Template

  • Business and IT Impact Analysis Questionnaire

  • Work Plan

  • Disaster Recovery & Business Continuity Audit Program

Included in the template is Business Impact Questionnaire as well as a full Job Description for the Disaster Recovery Manager.  The premium edition contains 11 full job descriptions.

New with version (version history) are (HIPAA, ISO 27000 Series, PCI, and Sarbanes Oxley Compliant):

  • Web Site Disaster Recovery Planning Form

  • Department Disaster Recovery Activation Workbook

    • Quick Reference Guide

    • Team Alert List (Form)

    • DRP Team Responsibilities

    • DRP Team Checklist

    • Critical Function(s) Definition

    • Normal Business Hour Response Procedures

    • After Hours Response Procedures

    • DRP Location(s) Definition

    • DRP Recovery Procedures

    • Notification Procedures

    • Notification Call List (Form)

  • Vendor Disaster Recovery Questionnaire

  • Vendor Phone List Form Updated

  • Key Customer Notification Form

  • Critical Resources to be Retrieved Form

  • Business Continuity Off-Site Materials Form

Clients can also subscribe to Janco's DRP update service and receive all updates to the DRP Template for 18 months* from the date of purchase. 

The DRP template is over 200 pages and includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement.  The electronic document includes proven written text and examples for the following major sections of a disaster recovery plan:

  • Plan Introduction

  • Business Impact Analysis - including a sample impact matrix

  • DRP Organization Responsibilities pre and post disaster - drp checklist

  • Backup Strategy for Data Centers, Departmental File Servers, Wireless Network servers, Data at Outsourced Sites, Desktops (In office and "at home"), Laptops and PDA's.

  • Recovery Strategy including approach, escalation plan process and decision points

  • Disaster Recovery Procedures in a check list format

  • Plan Administration Process

  • Technical Appendix including definition of necessary phone numbers and contact points

  • Job Description for Disaster Recovery Manager (3 pages long) - entire disaster recovery team job descriptions are available.

  • Work Plan to modify and implement the template.  Included is a list of deliverables for each task.

There is a extensive section that show how a full test of the DRP can be conducted.  It includes

  • Disaster Recovery Manager Responsibilities

  • Distribution of the Disaster Recovery Plan

  • Maintenance of the Business Impact Analysis

  • Training of the Disaster Recovery Team

  • Testing of the Disaster Recovery Plan

  • Evaluation of the Disaster Recovery Plan Tests

  • Maintenance of the Disaster Recovery Plan

  

Testimonial - Dave Baker - City of Hamilton - I have found the DRP template invaluable!

Testimonial - Bob Rifenbury -MCSE/CCNA Lauch Testing Lab - The DRP Template saved me about 6 months of work!

Testimonial -  Kelly Keeler - Martin's Point Health Care - I have received and I began using the template immediately. IT IS GREAT! Made this process a snap for me. Cut my documentation time down from.  weeks to hours! This document has made, what began to be an overwhelming process turn into a snap!

Testimonial - Juan Stamos - Mexico City Corporation - We had a DRP in place, but needed a more user friendly structure.  The Disaster Recovery Template (Gold edition) has that structure.  It was very easy to quickly move our DRP into Janco's DRP Template -- a real added value.


* Update service is for 12 months unless it is purchased within 30 days of the purchase of the Template.  Janco reserves the right to validate purchase of the customer was made for the template.

 

This template is not for resale or re-distribution - Disaster Recovery Planning Template Disaster Recovery Template, Disaster Recovery

 

Site Map

 

Disaster Recovery Business Continuity for Remote Offices

06/28/2009 -

Data residing outside the data center at remote and branch offices (ROBOs) accounts for a significant portion of an enterprise's information store, yet it often either is protected with inefficient backup processes or is not protected at all -- leaving companies at risk on many fronts.

In a recent research report, high priority projects for ROBOs included improving information security measures; ensuring compliance with government, industry or corporate governance mandates; and improving Disaster Recovery Business Continuity processes.

- more

Disaster Plan & Business Continuity Infrastructure

06/13/2009 -

IT Infrastructure, Strategy, & Charter TemplateThe key technology elements of a Disaster Recovery Plan and Business Continuity Plan (DRP/BCP) infrastructure are the primary data center, a remote site that duplicates the resources in that primary location and the method used to get files (master and transaction) between the two sites - such as high-bandwidth network connections. The best DRP/BCP strategies follow a "redundant every-thing" philosophy throughout the data center. Multiple mainframes and servers should run in the production and backup data facilities. Then, if a component in the production system encounters problems, it immediately fails over to the local backup as a first line of defense.

Power supplies and communication links are one of the most critical components in a DRP/BCP strategy.

Disaster Recovery Template Sarbanes OxleySecurity Template  Sarbanes OxleyDisaster Planning AuditMetrics Internet IT

- more

Maximum Tolerable Period of Disruption (MTPOD) is an issue

06/06/2009 -

Disaster Types

Order Disaster PlanDisaster Plan Template

The concept of Maximum Tolerable Period of Disruption (MTPOD) is an issue with the introduction of British Standard 25999-2.  When applied appropriately, MTPOD will improve management's understanding of your disaster recovery business continuity program and clarifies your enterprise's recovery priorities.

BS 25999-2, Section 4 says that the goal of a business impact analysis is to "determine the impact of any disruption of the activities that support the organization's key products and services." A key aspect of determining the impact of a disruption is identifying what BS 25999 calls the "Maximum Tolerable Period of Disruption," or MTPOD. BS 25999 defines MTPOD as the "duration after which an organization's viability will be irrevocably threatened if product and service delivery cannot be resumed."  MTPOD is the maximum amount of time that the organization's key products or services can be unavailable or undeliverable before its stakeholders realize unacceptable consequences.

The full application of this concept can mean rethinking how a business impact analysis  is approached. While many DRP / BCP professionals start a business impact analysis   by gathering data from individual departments, MTPOD forces them to first look at products and services. Disaster Recovery and Business continuity professionals should understand downtime tolerance, taking into account:

  • Customer expectations
  • Regulatory requirements
  • Reputational issues
  • Financial and operational impairment
  • Strategic consequences.

Based on management input, disaster recovery / business continuity professionals can propose preliminary Maximum Tolerable Periods of Disruption for key products or services within the scope of the business continuity program.

Once MTPOD is established for key products and services, the traditional business impact analysis  or service. From there, the business impact analysis  can either validate or disagree with preliminary MTPOD conclusions. In addition, the business impact analysis  does identify the department, function and process details that are needed to achieve the MTPOD.

Perhaps most importantly, the disaster recovery / business continuity professional must understand the amount of time required to perform the process or activity in order to deliver the product or service to its key stakeholders (internal or external). This is referred to as cycle time. For example, in a manufacturing company, cycle time would be how long it takes to obtain the necessary stock, manufacture the product, and deliver it to the customer.

With an understanding of MTPOD and cycle time, the business continuity professional can identify what is commonly accepted as the core output of the business impact analysis   - the recovery time objective, or RTO. RTO is the point in time following a disruption when operations must resume (at a minimum level) in order to meet downtime tolerances.

- more

Defining a Functional Disaster Recovery Business Continuity Plan

06/01/2009 -

What makes a truly functional disaster recovery business continuity solution is the ability to restore full systems and enterprise operations quickly, in a matter of hours or even minutes, using available computing resources, which may be local, but may also be remote.

True disaster recovery and business continuity plans must allow for recovery from site-wide disasters, such as a hurricane. The primary site may be completely down, due to a lack of power and network connectivity. The secondary site located in a non-affected area would be used to restore services until the primary site comes back online.

Many enterprises opt for remote Disaster Recovery Business Continuity site(s) for such scenarios. Many system administrators opt for virtual servers, which use asynchronous replication to replicate both the data and virtual machines to the secondary site, which has several standby servers. That way if they need to activate the secondary site, they just direct the activity to the virtual machines and all the systems are back up and running with the latest data.

- more

Template Tools for CIOs

05/20/2009 -

Disaster planning is an essential component of preserving your institution’s collections. With a written disaster plan, libraries, archives, museums, historical societies, and other collection-holding institutions can reduce the risk of disaster and minimize losses. dPlan is perfect for small and medium-sized institutions that do not have in-house preservation staff. dPlan is also valuable for large library systems or museum campuses that need to develop separate but related plans for multiple buildings, locations, or branches.

 

The Janco Disaster Recovery / Business Continuity Plan Template can help you create a plan for disaster prevention and response. This template will help you:

  • Prepare for the most likely emergencies,
  • Respond quickly to minimize damage if disaster strikes, and
  • Recover effectively from disaster while continuing to provide services to your community.
- more

Google flops on its conversion to IPv6 from IPv4

05/17/2009 -

Google flops on its conversion to IPv6 from IPv4. Widespread outages involving several Google services--including search, Google Docs, and Gmail--were caused by an upgrade gone awry inside of Google, according McAfee.  The outage began at 8:13 a.m. PDT, according to McAfee's data, and was fixed by 9:14 a.m. PDT.  A senior manager at McAfee said that Google attempted to make changes to key Internet routing numbers--known as autonomous system numbers--as part of its ongoing transition from an older networking standard (IPv4) to a newer one called IPv6. An unknown "bug" inside Google's network prevented Internet service providers from finding Google's new ASNs on the Internet--effectively blocking its services.

Not all Internet users were affected, but some that use larger providers--such as AT&T or Verizon--appeared to be disproportionately hurt because large ISPs "peer" with Google, or interconnect their networks with Google's networks in order to improve speed and reduce bandwidth costs. Not all customers at those providers were affected, and smaller ISPs that did not interconnect their networks were able to route around the problem.

- more

Mid-Sized Firms are at Risk When Disasters Occur

04/17/2009 -

Many firms are inadequately protected and mistakenly think that a disaster is rare and won't happen to them anytime soon.

SMBs’ prioritization of disaster recovery, backup and high availability for 2008 shows that businesses understand the risks to their business and the value of protection. However, many organizations still errantly think that backup is a sufficient disaster recovery plan. But, mid-sized enterprises are at the most risk to disaster and are more likely to rely strictly on backup as a disaster recovery plan.

The needs and resources of mid-market firms are unique. Midsized companies must work with limited finances infrastructure and human resources. Robust disaster recovery used to be affordable and manageable only by large enterprises. Mid-sized enterprises relied more on backup than on a formal disaster recovery plan. As businesses' reliance on IT has grown, backup has increasingly shown its weaknesses. However, the introduction and maturation of several key technologies, such as virtualization, have brought affordable and easily implementable disaster recovery  to small and mid-sized companies. SMBs do not always equate virtualization with disaster recovery  because awareness of the many virtualization applications is just starting to grow.

- more

Project plan for developing and maintaining a Disaster Plan

04/14/2009 -

There are a number of approaches that have been used by Janco’s clients to create a Disaster Recovery / Business Continuity Plan.  One, which several have used, is to start with the Janco Disaster Recovery Business Continuity Template and implement a seven-step process (a subset of the project plan which is included in the template) using the tools included with the template.  The process is as follows:

  1. Develop the contingency planning policy statement. A formal department or agency policy provides the authority and guidance necessary to develop an effective contingency plan.
  2. Conduct the business impact analysis (BIA). The BIA helps to identify and prioritize critical IT systems and components.
  3. Identify preventive controls. Measures taken to reduce the effects of system disruptions can increase system availability and reduce contingency life cycle costs.
  4. Develop recovery strategies. Thorough recovery strategies ensure that the system may be recovered quickly and effectively following a disruption.
  5. Develop an IT contingency plan. The contingency plan should contain detailed guidance and procedures for restoring a damaged system.
  6. Plan testing, training and exercises. Testing the plan identifies planning gaps, whereas training prepares recovery personnel for plan activation; both activities improve plan effectiveness and overall agency preparedness.
  7. Plan maintenance. The plan should be a living document that is updated regularly to remain current with system enhancements.
- more