Offering hundreds of tips, templates, checklists, and pointers to information in the public domain, Business Resumption Planning, Second Edition assists you in creating a rock solid recovery plan for any size organization. It provides the information you need in order to coordinate first responders to meet any disaster scenario head on, whether involving computers, telecommunications, or infrastructure in a timely and effective manner.
What’s New in the Second Edition:
· The latest techniques for conducting an efficient Business Impact Analysis and an accurate Failure Mode Effects Analysis (FMEA)
· Advice on how to successfully recover from Ground Zero events, such as those involving Oklahoma City, the World Trade Center (WTC), and Hurricane Katrina
· Tips for recovery teams and first responders, including how to maintain “4Ci” (Command, Control, Communications, Computers and intelligence) during a disaster
· An examination of legal ramifications resulting from a failure to plan—including new liability issues that directly affect you
· An explanation of how the recently enacted Sarbanes-Oxley Act of 2002 impacts your planning effort
· Plans and templates that assess vulnerability in WANs, Open Networks, physical facilities, environmentals, and enhanced services
The book contains actual case studies and examples illustrating the vulnerabilities of today’s mission critical systems. It details the proactive steps you should take now to first assess your exposure, then eliminate it. The book also includes a CD-ROM that contains worksheets, checklists, audit forms, work breakdown structures, and reports.
Table of Contents
So, You Want to Write a Disaster Recovery Plan
What IS a Disaster?
Finding the Resources to Complete the Plan
How Does One Begin
What is a Business Impact Analysis (BIA)?
Data Collection and Verification
Additional Observations on using the BIA to Pitch Management
Why Will Management Believe a Consultant but Not YOU?
“Cooking Up” a Compelling Management Presentation
Using Meaningful Data to Get Your Plan Funded
Getting the Plan Funded (Executive Commitment)
Other Ways to Present Your Data
What is a Failure Mode Effects Analysis?
Options for Completing the Plan
Standards for Buildings, Networks and Other Infrastructure
Physical Standards—Large Installations
Building Entrance Facilities
Why Document it at All?
Putting the Disaster Recovery Plan to Paper
What Should the Plan Cover?
Recovery Scenarios—the Three “R’s”
Telecommunications-Specific Recovery Procedures
Other Telecommunications Recovery Concerns
Physical Vulnerability to Telco Disasters—Where Does One
Call Out of the Telecom Recovery Team
Major Cable or Fiber Cut
Risks with T1 Service Utilizing Proprietary Multiplexers or Routers
Emergency Call Lists
Forms Associated with the Plan
Recovering Emerging Technologies (Frame Relay, VoIP, ATM
Forming Teams, Training, Recruitment, and Testing
Catastrophic Equipment Failure and Building Disasters
Technical Services Recovery Plan
Evaluating the Results of a Disaster Recovery Test
How to Use this Chapter
Companies That Are Required to Have Disaster Recovery Plans
Companies That Are Required to Have Some Elements of a Disaster Recovery Plan Preparedness Planning Is Encouraged
Preparedness Planning for the Legal Department
Handling of Sensitive Information (Example HIPAA Compliance)
Appendix B: IRS Procedure 98-25
Appendix C: Financial Institution Rules from GLB
Appendix D: Pandemic
A New Direction
Impact of SOX on the Board of Directors
Review of Other Highlights of the Act
Regulatory Issues and How They Effect Business Continuity (BC) Programs
Business Continuity and Disaster Recovery Plan
General Recovery Strategy
What Does the EMT Do?
Recovering Open Systems (LANS)
Related Support Teams
Other Useful Forms and Checklists