BC - DR Plan Scenarios
Use the following scenarios to evaluate the assigned BC-DR plan. Your assignment is to create a document that identifies weaknesses and strengths of the plan and provides recommendations based on best practices (provide references). The document should have a cover page with the group names, the result of the exercise, and references, as appropriate.
Over the last three months, Joan Wilson has worked diligently to get BC and DR plans into place. The HQ plan is finished but not all the details are worked out for the operational data centers. Joan has decided to conduct a table top exercise designed to assess the effectiveness of what has been accomplished thus far. She chooses two scenarios to work through simultaneously.
Scenario 1: In Pittsburgh, PA - the roof over the data center has partially caved in as a result of the ten feet of snow that has accumulated on the roof top. No one was injured, but part of the cave in is over the corner of the mainframe room and now there is a pile of snow in one corner of the room. The rest of the roof is sagging and more snow is on the way. Does the BC-DR Plan cover this scenario and address all aspects of what is necessary to contain and recover operations?
Scenario 2: In Canton, Ohio - the manager for the server farm calls for assistance, when audit logs indicate there has been a breach of customer personally identifiable data (PII) on the server that holds the information for promotional products ordered through the Internet.
Not knowing what else to do to ensure no additional data was breached, the manager yanked the power supply on the servers that supported this process and now the whole MailPress Intranet/LAN seems down. Does the BC-DR plan address what to do if internal communications are lost? Does the BCRP address how to handle sensitive information during an event that may require investigative support as well as cause a full blown DR process to begin?
18. Disaster Declared: Mobilize Incident response/Technical services teams/Report to command center
Scenario 1: The Group 2 BCP in previous sections contains a good description of the overall roles and responsibilities of the IT, EMT, DRT teams, for responding to natural disasters. This includes backup and archiving, communication and notification procedures, action plans, and diagrams addressing containing and recovering operations, that each team has, and appropriate OptiPress staff can access through the network. The OptiPress BCP Disaster Declared - Section 18, can be improved by considering the following recommendations:
1) List the addresses and phone numbers of specific alternate data center locations in Pennsylvania, Ohio, and Maryland, in the event the Pittsburgh data center, and other Pennsylvania data centers need to be evacuated.
2) Clarify what organized rescue and disaster control operations mean for OptiPress, rather than any area of the society. Specifically, list the main teams working with DRT, that are being mobilized to the command center and their roles in responding to the natural disaster incident, until the rescue mission is completed.
3) Rather than define Disaster Recovery, describe the purpose or intent of DR relating to the command center plans and objectives (i.e. time periods, measurements, standards) used for continuing OptiPress business operations at alternate websites.
Scenario 2: The Group 2 BCP in previous sections contains an overall good process, policies, diagrams, and action plans in responding to data breaches and network outages. However, the specific IT team roles and responsibilities in earlier sections (i.e. 6, 9) could include data breach and system outages, which would then correspond to Section 18. This OptiPress BCP Disaster Declared Section 18 can be improved by considering the following recommendations:
1) Include the IT team and its role in mitigating data breaches and system outages.
2) Describe the IT team role in communicating and coordinating the disaster with OptiPress Senior Management and Department managers.
3) Briefly describe the joint plans, goals, and responses (include meeting places) amongst the teams and Senior Management in dealing with federal agencies, outside parties (suppliers, vendors), users, customers and public relations in handling compromised data, and system outages for continuing OptiPress business operations.
19. Contact EMT & DRT: Decide whether to continue to business recovery phase
Scenario 1: The Group 2 BCP in previous sections presents a good overview and process of the team roles in deciding whether to continue the business recovery phase, from natural disasters.
The BCP Section 19 presents the main parts that go into deciding whether to continue to thebusiness recovery phase, such as Assessment procedures, gathering requirements, Safety and Security issues, etc.
The BCP OptiPress Section 19 can be improved by considering the following recommendations:
1) Include the OptiPress Assessment and Evaluation Forms (Incident/Disaster, and Critical Equipment Status Assessment and Evaluation Form.
These important Forms are used to assess and document the disaster incident specifics, and condition of important equipment, for determining whether to continue to thebusiness recovery phase.
2) The BCP could explain the process, requirements, and safety concerns evaluated by the "appropriate OptiPress Managers, and Teams" in completing these forms, and deciding as for whether to continue to the business recovery phase.
3) Provide aspecific section for "building access permitting".
4) Provide more BCP "specifics" relating to OptiPress management and teams making decisions in the different headings/sections (See #2 above).
Scenario 2: The Group 2 BCP in previous sections presents a good overview and process of the team roles in evaluating or deciding whether to continue the business recovery phase, due to data breaches and system outages. The Group 2 BCP Section 19 seems to focus on natural disasters.
The OptiPress Section 19 can be improved by considering the following recommendations:
1) Describe regulations, audit requirements in the BCP, governing the protection of PII.
2) Mention the OptiPress systems and applications subject to PII protection, and system outages.
3) Describe some OptiPress IT safeguards for data breaches, i.e. encryption, backup, passwords, testing, etc.
4) Describe the OptiPress teams, and management communication plans to stakeholders, customers, suppliers, law agencies, etc. upon discovery of data breach.
5) Describe the need for budget and insurance funds available to resolve OptiPress data breach and system outage data recoveries (Koeppel, n.d.).
6) Discuss joint plans amongst Business Continuity, Data Recovery, and IT cybersecurity teams in continuing operations upon discovery of PII breach (Kirvan)