RSS News Feed Feed Description
 
Disaster Recovery Planning Template

Disaster Recovery Audit ProgamDisaster Recovery Plan Template
Business Continuity Planning
ISO 27000, ISO 27001, ISO 27002 (formerly ISO 17799),
Sarbanes - Oxley, PCI-DSS, and HIPAA Compliant

  

 

This Disaster Recovery Plan (DRP) can be used as a template for any enterprise. The template and supporting material have been updated to be Sarbanes-Oxley compliant.  The Disaster Planning Template comes as a Word document and includes:

  • Disaster Recovery Plan Template

  • Business and IT Impact Analysis Questionnaire

  • Work Plan

  • Disaster Recovery & Business Continuity Audit Program

New with version (version history) are (Sarbanes Oxley, HIPAA, PCI-DSS, and ISO 27000 Compliant):

  • Web Site Disaster Recovery Planning Form

  • Department Disaster Recovery Activation Workbook

    • Quick Reference Guide

    • Team Alert List (Form)

    • DRP Team Responsibilities

    • DRP Team Checklist

    • Critical Function(s) Definition

    • Normal Business Hour Response Procedures

    • After Hours Response Procedures

    • DRP Location(s) Definition

    • DRP Recovery Procedures

    • Notification Procedures

    • Notification Call List (Form)

  • Vendor Disaster Recovery Questionnaire

  • Vendor Phone List Form Updated

  • Key Customer Notification Form

  • Critical Resources to be Retrieved Form

  • Business Continuity Off-Site Materials Form

Included in the template is Business Impact Questionnaire as well as a full Job Description for the Disaster Recovery Manager.  The premium edition contains 11 full job descriptions.

Clients can also subscribe to Janco's DRP update service and receive all updates to the DRP Template for 18 months* from the date of purchase. 

The DRP template is over 200 pages and includes everything needed to customize the Disaster Recovery Plan to fit your specific requirement.  The electronic document includes proven written text and examples for the following major sections of a disaster recovery plan:

  • Plan Introduction

  • Business Impact Analysis - including a sample impact matrix

  • DRP Organization Responsibilities pre and post disaster - drp checklist

  • Backup Strategy for Data Centers, Departmental File Servers, Wireless Network servers, Data at Outsourced Sites, Desktops (In office and "at home"), Laptops and PDA's.

  • Recovery Strategy including approach, escalation plan process and decision points

  • Disaster Recovery Procedures in a check list format

  • Plan Administration Process

  • Technical Appendix including definition of necessary phone numbers and contact points

  • Job Description for Disaster Recovery Manager (3 pages long) - entire disaster recovery team job descriptions are available.

  • Work Plan to modify and implement the template.  Included is a list of deliverables for each task.

There is a extensive section that show how a full test of the DRP can be conducted.  It includes

  • Disaster Recovery Manager Responsibilities

  • Distribution of the Disaster Recovery Plan

  • Maintenance of the Business Impact Analysis

  • Training of the Disaster Recovery Team

  • Testing of the Disaster Recovery Plan

  • Evaluation of the Disaster Recovery Plan Tests

  • Maintenance of the Disaster Recovery Plan

  

Testimonial - Dave Baker - City of Hamilton - I have found the DRP template invaluable!

Testimonial - Bob Rifenbury -MCSE/CCNA Lauch Testing Lab - The DRP Template saved me about 6 months of work!

Testimonial -  Kelly Keeler - Martin's Point Health Care - I have received and I began using the template immediately. IT IS GREAT! Made this process a snap for me. Cut my documentation time down from.  weeks to hours! This document has made, what began to be an overwhelming process turn into a snap!

Testimonial - Juan Stamos - Mexico City Corporation - We had a DRP in place, but needed a more user friendly structure.  The Disaster Recovery Template (Gold edition) has that structure.  It was very easy to quickly move our DRP into Janco's DRP Template -- a real added value.


* Update service is for 12 months unless it is purchased within 30 days of the purchase of the Template.  Janco reserves the right to validate purchase of the customer was made for the template.

 

This template is not for resale or re-distribution - Disaster Recovery Planning Template Disaster Recovery Template, Disaster Recovery

 

 

 

 

 

 

 

 

 

 

Site Map

 

What Is The CSO's Role

What is the Chief Security Officer (CSO)?  The title Chief Security Officer (CSO) was first used inside the information technology department and function to identify the person responsible for IT security. At many enterprises, the term CSO is still used in this way.

The CSO title is also used in many enterprises to describe the leader of the "corporate security" function, which includes the physical security and safety of employees, facilities and assets. This individual often holds a title such as Vice President or Director of Corporate Security. Historically, corporate security and information security have been handled by separate departments.

IT Hiring IT Job Descriptions Salary SurveyIT Salary SurveyIT Job Descriptions

The CSO is the executive responsible for the organization's entire security posture, both physical and digital. CSOs also frequently own or participate closely in related areas such as business continuity planning, loss prevention and fraud prevention, and privacy.

At a tactical level, technology is being infused into physical security tools, which are increasingly database-driven and network-delivered. At a strategic level, CEOs and corporate boards, motivated in part by regulations such as the Sarbanes-Oxley Act, HIPAA, and ISO 27000 (formerly ISO 17799) 27001 & 27002 standards, desire an enterprise-wide view of operational risk.

The Chief Security Officer (CSO) is responsible for overall direction of all security functions associated with Information Technology applications, communications (voice and data), and computing services within the enterprise.  At the same time the CSO must be aware of the implications of legislated requirements that impact security for the enterprise.  This includes but is not limited to Sarbanes Oxley Section 404 requirements.

The CSO has the responsibility for global and enterprise-wide information security; he/she is also responsible for the physical security, protection services and privacy of the corporation and its employees.

... more info

Steps to Create a Disaster Recovery and Business Continuity Plan

The steps to create a workable Disaster Recovery and Business Continuity Plan are:

Disaster Recovery Template Sarbanes OxleySecurity Template Sarbanes OxleyDisaster Planning Audit Security Audit Program
  • Assessment the environment
  • Determine capabilities and capacities of the enterprise
  • Develop a preliminary work plan with detail action items
  • Prioritize activities to develop the plan
  • Define deliverables
  • Obtain approvals and budget to develop the plan
  • Assign responsibilities
  • Implement a status reporting process
  • Develop initial Disaster Recovery and Business Continuity Plan
  • Review and modify plan with operating groups and management
  • Test plan
... more info

Backup Policy for Active Directory Defined

 Backup Policy & Backup Retentiion PolicyActive Directory is the gatekeeper to the network resources your employees depend on, so Active Directory is critical to your business. Accordingly, having a reliable and practiced set of recovery strategies is vital. Preparing for a catastrophic event - for example, a hardware failure or physical disaster – is necessary, but so is preparing for "everyday disasters." Problems can arise in the normal course of day-to-day operations from a variety of causes, including:

  • Human error -  an administrator might delete an entire organizational unit (OU) instead of a particular user, or accidentally delete a service account, which could affect hundreds of users.
  • Unexpected consequences -  an administrator might use a script to set one of the Extension Attributes in Active Directory only to find out that Extension Attribute contained data for another mission critical application that won’t work anymore because of the changes. The data must be restored as soon as possible.
  • Malicious activity - both current and recently-terminated employees, as well as external service providers, might find ways to access your sensitive systems and data, and their knowledge can enable them to cause significant damage.  According to Entrepreneur, "four out of five IT-related crimes are committed from within an organization".  Moreover, CSO Online reports that "inside security breaches affect 49% of companies". Once your network is under attack, it's too late to plan - you need to have your diagnostic and recovery tools in place.
  • Viruses -  Viruses can damage Active Directory data, and the replication process propagates those unwanted changes. Anti-virus software, of course, provides protection, but it is critical to be able to respond quickly to viruses that get through.
... more info

Disaster Plan & Business Continuity Infrastructure

IT Infrastructure, Strategy, & Charter TemplateThe key technology elements of a Disaster Recovery Plan and Business Continuity Plan (DRP/BCP) infrastructure are the prima¬ry data center, a remote site that duplicates the resources in that primary location and the method used to get files (master and transaction) between the two sites – such as high-bandwidth network connections. The best DRP/BCP strategies follow a "redundant every¬thing" philosophy throughout the data center. Multiple mainframes and servers should run in the production and backup data facilities. Then, if a component in the production system encounters problems, it immediately fails over to the local backup as a first line of defense.

Power supplies and communication links are one of the most critical components in a DRP/BCP strategy.

Disaster Recovery Template Sarbanes OxleySecurity Template Sarbanes OxleyDisaster Planning AuditMetrics Internet IT

... more info

What To Do When Disaster Strkes

A natural or man-made disaster can strike anywhere, anytime, with ruthless and devastating results - that's the awful essence of a disaster.

Hurricane Katrina and the Sept. 11, 2001, attacks loom large in the collective memory for the magnitude of their destruction, but smaller-scale, localized disasters happen all the time: a fire in a building, human error that erases a server, a power outage in a town. Each can wreck a business in minutes and is much more likely to happen than a terrorist attack or a hurricane.

Disaster PlanningAs gloomy as those scenarios may be, the name of the game for companies is "prepare for the worst; hope for the best." Companies can minimize the worst possible disruptions to their businesses and the lives of their employees by creating disaster recovery and business continuity plans. Such plans are not just for large and well-connected companies, but for small and midmarket companies as well.

These plans can protect company data and applications, and they can have a company back in business within 48 hours or less after a disaster. That's where Janco's Disaster Recovery / Business Continuity Template comes into play. The Templates provice the expertise to help companies craft their plans and then flesh out those plans with technology solutions.

... more info