Finalizing a continuity plan.

User Generated

gnbbsyf

Computer Science

Business Continuity Planning and Disaster Recovery

Colorado Technical University

Description

Part 1 Tasks (Objectives from Week 1–4): 4–6 pages

For Part 1 of this assignment, you will consolidate all of the work you have completed so far in Phases 1–4. Part 1 should include a risk assessment, business impact analysis, and incident response sections developed from previous assignments. You will use this work to create a final draft of your business continuity plan. This assignment is not to simply cut and paste what you have previously submitted. Although you will reuse the majority of the work, you must also integrate any feedback provided by your instructor as well as include additional (new) content that will make this a cohesive document with Part 2 of this assignment.

Part 2 Tasks (Objectives from Week 5): 2 pages

For Part 2 of this assignment, you will add to Part 1 an additional section that addresses disaster recovery. You should use your text, library resources, and live chats to identify the appropriate topics of disaster recovery that fit with the risk assessment and business impact analysis that you have created in previous assignments.

Disaster recovery is heavily integrated with incident response; however, there should be a clear boundary that demonstrates when response efforts have ended and recovery efforts begin. Disaster recovery can be defined in several phases, as follows:

  • Response Phase: Here is where the disaster recovery plan is activated and the actions outlined in the plan are executed.
  • Recovery Phase: The organization implements time-critical business functions that are required to re-establish business functions to prevent further loss.
  • Resumption Phase: This phase addresses actions after recovery. This is where the time critical business functions are operational.
  • Restoration Phase: Where the organization begins to rebuild to establish normal operations, such as the following:
    • Repair and Replacement
    • Restoration of Primary Site
    • Relocation
    • Resumption of Primary Site
    • Standing down and after action review

Note: The key to successfully completing this assignment is to ensure that it addresses a solution to a problem. In other words, the final draft of your plan should not explain concepts. The plan should apply them. For example, in the disaster recovery section, you may choose to implement a cold site. The plan should not explain what a cold site is. It should discuss the procedures to establish and make the cold site operational.

Unformatted Attachment Preview

Running head: TRIANGLE RISK ASSESSMENT PROFILE Triangle Risk Assessment Profile Name Course Date 1 TRIANGLE RISK ASSESSMENT PROFILE (1) Asset or Operation at Risk PEOPLE (2) Hazard Sicknesses 2 (3) (4) Opportunities for (5) Sc Prevention Prob en or Mitigation abilit ari y (L, o M, (Location, H) Timing, IsMagnitude) a low Using less-strong L Impacts o f Existing Mitigation (L, M, H) (6 ) Peo ple ( 7) Prop erty (8) (9) Operati Environ ons ment (10) Entity L L M M L probability adhesives Breathing problems Chocking and coughing EQUIPMENT&MACH Pipe burst INERY MACHINERY Damages FINANCE Lawsuits High probability High probability High impact Raising roof levels H H H H H H Invest in vacuum system Contact insurance agencies ConSult attorneys H M H H M H H H M M M H Negotiation with involved parties TRIANGLE RISK ASSESSMENT PROFILE 3 Triangle Risk Assessment Profile HVAC is an initial for the heating, ventilation, and the air conditioning. NVAC systems are designed to bring comfort to homes and deals with developing air conditioning systems which are installed in homes and businesses alike. HVAC systems which provide indoor air conditioning, are most useful during the winter periods. Triangle company designs these systems to ensure customers receive the best air-conditioning services. A risk assessment was intended to show the effects that the company would likely face in their operations. Storms and flooding provide need to provide a need to design mitigation plans to combat the risks associated with them as well as other risks that are likely to have an impact on the organization. The first risk the report realized was the likelihood of exposure to asbestos which is harmful to people. Contaminants such as asbestos and lead used in the process of repairing the systems may lead to choking, breathing problems to human beings. These products are not necessarily used in designing but may result from the process of making the products. Contaminants such as chemicals cause harm and may lead to cancer. The company saw this as a risk and designed solutions. The first solution was to use less- strong adhesives in the process of repairing the systems. Another answer is to notify consumers of the chemicals before exposing them to the products. There was a low likelihood that a scenario involving lead and asbestos substances occurring. There are fewer reports concerning effects of the harmful products considering the mitigations put in place. The property will least likely be affected. Due to the health concerns, solutions drafted will reduce the impact it has on human beings (Ostrom & Wilhelmsen, 2012). Equipment and machinery are affected by the natural disasters- storms and floods. A perfect example is the snowstorms which fall on rooftops where the systems are installed and TRIANGLE RISK ASSESSMENT PROFILE 4 blocking them (Goodway, 2015). The winds blow snow towards the vents thus blocking them preventing people from enjoying quality air conditioning. The pipes blockages may result in bursting. The company is then forced to reinstall them with the severe conditions further increasing risks to the installer (Augenbroe et al., 2014). One solution is to increase the rooftops in anticipating future snowstorms. Winter storms force people to spend extra hours in their homes. During winter less, fresh air is circulated and denies the filters set in the systems to function correctly. Most air conditioning systems contain a single filter and the winter period further complicates the filtering process as dust particles from people's clothes get trapped and then circulated again. The result is that people suffering from asthmatic conditions will develop complications (Gennaro et al., 2013). Mitigation efforts towards reducing breathing complications include maintenance of the HVAC systems before winters, replacing filters at the onset of winters, and inspection of both the cooling and heating system. The overall hazard rating is high in matters relating to environment and people. Severe cases may lead to death if left uninspected regarding allergens. Besides, the winter storms affect the equipment by damaging them. People are indirectly affected because they must hire and incur charges to fix the bursts. The finance sector will most likely be affected because of the lawsuits which involve releasing funds to pay the affected victims and to cater for lawyer fees. To mitigate the risks, the company should first engage insurance companies and attorneys before signing a contract. TRIANGLE RISK ASSESSMENT PROFILE Reference De Gennaro, G., Farella, G., Marzocca, A., Mazzone, A., & Tutino, M. (2013). Indoor and outdoor monitoring of volatile organic compounds in school buildings: Indicators based on health risk assessment to single out critical issues. International journal of environmental research and public health, 10(12), 6273-6291. Goodway. (2015). Snow Blows: The HVAC Impact. Retrieved from http://www.goodway.com/hvac-blog/2015/02/snow-blows-the-hvac-impact/ Ostrom, L. T., & Wilhelmsen, C. A. (2012). Risk assessment: tools, techniques, and their applications. John Wiley & Sons. Sun, Y., Gu, L., Wu, C. J., & Augenbroe, G. (2014). Exploring HVAC system sizing under uncertainty. Energy and Buildings, 81, 243-252. 5 Running head: COMPUTER INCIDENT RESPONSE PLAN Computer Incident response plan Name Institutional affiliation 1 COMPUTER INCIDENT RESPONSE PLAN 2 Introduction IT infrastructures are very vulnerable due to the increased number of computer users, digitalization and advancement of threats. Companies, therefore, should be aware that threat may happen anytime and as a result, such instances could cripple the company’s operations or even compromise the entire information technology system. IT instance management plan involves several processes and steps. The most important among the steps are preparation, identification, containment, eradication, recovery and finally, lessons learned (Roberts, & Brown, 2017). Preparation Preparation involves assembling the right people, tools and processes so that the company will be ready to handle an IT incident immediately to reduce the severity of the outcome instead waiting for the situation to get out of control because of unpreparedness. The company will have an incident handling policy in place which will spell out a procedure on how the company systems administrator can attain permissions from the system owner. Such permission will give the system administrator authority to investigate incidents and threats in the computer networks without possible collisions with federal or state laws. The company will also have in place policy limiting privacy expectations so that the system administrators can easily monitor both the employees and the outsiders. Three policies including one informing all the system users are subject to monitoring, another on retention of email and last on the software auditing all enough. The network administrator will be the person responsible for all incident handling, but the company will have a whole IT team in case an incident needs more commitment than usual. There will also be an outside contact for full coverage in case the inside help is not sufficient. The company will set up an incident tracking system. To stop people from sniffing on the COMPUTER INCIDENT RESPONSE PLAN 3 company network, the traffic will be encrypted. Lastly, training of employee in the IT department is essential is it will Keep them on a high alert. Since they are the ones dealing with the computer on daily bases, they are more likely to see an abnormality in advance and keep the network administrator informed. Identification Here, an incident will be defined and the process of knowing that an incident has taken place. The entire help desk staff will be trained so that they can quickly be aware when an incident has taken place. They can then report the incident to the incident team for determination of severity. Such tools of detecting, identifying and communicating threats as firewall, ant viruses and other integrity tools will be installed and monitored on timely bases. Containment Before, the incident team was doing most of the things, but at this stage, one cannot avoid involving the management. It is noteworthy that the process of containing risk should not compromise the company’s work and business. Putting off the machine is a lousy containment action. Therefore, locking out a worm or an intruder will involve pulling out a cord while noting what is happening in decision making. Alternative containment will include isolating machines using such tools like the firewall. Eradication All machines with possible vulnerabilities will be checked on regular bases to ensure that all the aspects of the problem are solved. Attack vectors will be understood, removed permanently and cleanup done. In a simple situation, virus scanners will be used to remove disturbing files COMPUTER INCIDENT RESPONSE PLAN 4 and clean up the system. In a severe situation, firewalls, IPS and proxy servers will be used the removal and cleanup purpose. In the worst case situation, a whole system will be reinstalled from original media, patches applied and data restored. Recovery End users will be involved at this point. Validation procedures will be carried out on the system, and then the system put back to production. Lessons Leaned Throughout the above processes, all the vulnerabilities and recommendation will have been noted down. The network administrator will meet different expert to collect information on what went wrong, what improvements are to be done and the current atmosphere in the IT world. Conclusion Security of IT systems and infrastructure is of great importance in a company. In addition to physical security, cyber security should be prioritised. The above plan should ensure that the company IT infrastructure is free from cyber attacks. COMPUTER INCIDENT RESPONSE PLAN References Roberts, S. J., & Brown, R. (2017). Intelligence-driven incident response: Outwitting the adversary. 5 Running head: TRIANGLE RISK ASSESSMENT PROFILE Triangle Risk Assessment Profile Student Business Continuity and Disaster Recovery Planning Unit 1 and 2 Individual Projects 1 TRIANGLE RISK ASSESSMENT PROFILE (1) Asset or Operation at Risk PEOPLE (2) Hazard Sicknesses 2 (3) (4) Opportunities for (5) Sc Prevention Prob en or Mitigation abilit ari y (L, o M, (Location, H) Timing, IsMagnitude) a low Using less-strong L Impacts o f Existing Mitigation (L, M, H) (6 ) Peo ple ( 7) Prop erty (8) (9) Operati Environ ons ment (10) Entity L L M M L probability adhesives Breathing problems Chocking and coughing EQUIPMENT&MACH Pipe burst INERY MACHINERY Damages FINANCE Lawsuits High probability High probability High impact Raising roof levels H H H H H H Invest in vacuum system Contact insurance agencies ConSult attorneys H M H H M H H H M M M H Negotiation with involved parties TRIANGLE RISK ASSESSMENT PROFILE 3 Triangle Risk Assessment Profile HVAC is an initial for the heating, ventilation, and the air conditioning. NVAC systems are designed to bring comfort to homes and deals with developing air conditioning systems which are installed in homes and businesses alike. HVAC systems which provide indoor air conditioning, are most useful during the winter periods. Triangle company designs these systems to ensure customers receive the best air-conditioning services. A risk assessment was intended to show the effects that the company would likely face in their operations. Storms and flooding provide need to provide a need to design mitigation plans to combat the risks associated with them as well as other risks that are likely to have an impact on the organization. The first risk the report realized was the likelihood of exposure to asbestos which is harmful to people. Contaminants such as asbestos and lead used in the process of repairing the systems may lead to choking, breathing problems to human beings. These products are not necessarily used in designing but may result from the process of making the products. Contaminants such as chemicals cause harm and may lead to cancer. The company saw this as a risk and designed solutions. The first solution was to use less- strong adhesives in the process of repairing the systems. Another answer is to notify consumers of the chemicals before exposing them to the products. There was a low likelihood that a scenario involving lead and asbestos substances occurring. There are fewer reports concerning effects of the harmful products considering the mitigations put in place. The property will least likely be affected. Due to the health concerns, solutions drafted will reduce the impact it has on human beings (Ostrom & Wilhelmsen, 2012). Equipment and machinery are affected by the natural disasters- storms and floods. A perfect example is the snowstorms which fall on rooftops where the systems are installed and TRIANGLE RISK ASSESSMENT PROFILE 4 blocking them (Goodway, 2015). The winds blow snow towards the vents thus blocking them preventing people from enjoying quality air conditioning. The pipes blockages may result in bursting. The company is then forced to reinstall them with the severe conditions further increasing risks to the installer (Augenbroe et al., 2014). One solution is to increase the rooftops in anticipating future snowstorms. Winter storms force people to spend extra hours in their homes. During winter less, fresh air is circulated and denies the filters set in the systems to function correctly. Most air conditioning systems contain a single filter and the winter period further complicates the filtering process as dust particles from people's clothes get trapped and then circulated again. The result is that people suffering from asthmatic conditions will develop complications (Gennaro et al., 2013). Mitigation efforts towards reducing breathing complications include maintenance of the HVAC systems before winters, replacing filters at the onset of winters, and inspection of both the cooling and heating system. The overall hazard rating is high in matters relating to environment and people. Severe cases may lead to death if left uninspected regarding allergens. Besides, the winter storms affect the equipment by damaging them. People are indirectly affected because they must hire and incur charges to fix the bursts. The finance sector will most likely be affected because of the lawsuits which involve releasing funds to pay the affected victims and to cater for lawyer fees. To mitigate the risks, the company should first engage insurance companies and attorneys before signing a contract. TRIANGLE RISK ASSESSMENT PROFILE Reference De Gennaro, G., Farella, G., Marzocca, A., Mazzone, A., & Tutino, M. (2013). Indoor and outdoor monitoring of volatile organic compounds in school buildings: Indicators based on health risk assessment to single out critical issues. International journal of environmental research and public health, 10(12), 6273-6291. Goodway. (2015). Snow Blows: The HVAC Impact. Retrieved from http://www.goodway.com/hvac-blog/2015/02/snow-blows-the-hvac-impact/ Ostrom, L. T., & Wilhelmsen, C. A. (2012). Risk assessment: tools, techniques, and their applications. John Wiley & Sons. Sun, Y., Gu, L., Wu, C. J., & Augenbroe, G. (2014). Exploring HVAC system sizing under uncertainty. Energy and Buildings, 81, 243-252. 5 DISASTER RECOVERY DEALING WITH SITES AND INCIDENT RESPONSE PLAN • Student • Unit 3 Individual Project Disaster Recovery Sites Options • Alternative sites for IT operations are important • Exclusive site options • Hot Sites • Cold Sites • Warm sites • Mobile sites Warm Sites and Its Purpose • Hot site without data replication • Offers access to space, equipment and utilities • Requires the installation of current backups and restoration of the systems online to become operational • These sites works for organizations or businesses that can tolerate one or two days of downtime Cold Sites and Its Purpose • Arrangements for access to the recovery site that is fitted with the necessary utilities and services. • Sites do not require substantial up-front outlays • Access to sufficient capital necessary to cover equipment acquisition • Bringing this site up requires one to two weeks Mobile Sites and Its Purpose • Site operator creates portable structures that are equipped with computing equipment • Degree to which the computing environment is decided is influenced by varying factors • Make sense for organizations with less tolerance for resuming their IT operations. Shared Sites and Its Purpose • Shared sites are less expensive • DR service providers rely on the perception that disaster cannot strike at the same time • Shared sites is associated with significant drawbacks Computer Security Incident Response Plan: Preparation • Activities that will enable the ISO to respond to the cyber-attack incident • Formulation of policies, acquisition of tools, stipulation of procedures, effective governance and communication plans to facilitate the response. • Instituting necessary controls Detection • Discovery of the cyber-attack • The use of the defined security tools • Accurately ascertaining the nature of the attack • Running of periodic assessments Containment • The affected the affected system is identified • Parties are notified and the investigative status is established • The ISO is required to maintain sufficient staffing • Use of the available tools for detecting new events Investigation • The ISO together with the DR team will determine the scope, priority and the main cause of the cyber-attack. • Timely investigation to ensure that the downtime is limited • Determines the extent of the attack Remediation • Enacting activities that are of importance to resuming business operations. • Main activities; • Post-incident repair of the affected systems • Instructions to the affected parties • Communication • Assessment to establish if the cyber-attack has been adequately contained. Recovery • Conducting analysis of the breach • Gathering the metrics and integrating the ‘lesson learned” for use in future training and activities. • Insider or outsider threats are minimized Conclusion • The disaster recovery site are critical to the organisation as this enables them to resume their operations. The different exclusive sites options provides businesses the opportunity to prepare for such attacks and limit their impact on the organization’s activities. Considerably, the disaster recovery plan details on the specific phases and procedures to be adopted after a system breach to restore the organization’s normal processes. References • Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2013). Computer security incident handling guide. In tern ation al jou rn al of c om pu ter res earc h , 20(4), 459. • Willis, J. (2016). Disaster recovery site considerations. MIS science cooperation. Accessed From http://www.missciences.com/docs/DRSiteConsiderations.pdf Running head: COMPUTER INCIDENT RESPONSE PLAN Student Unit 4 Individual Project Introduction 1 COMPUTER INCIDENT RESPONSE PLAN 2 IT infrastructures are very vulnerable due to the increased number of computer users, digitalization and advancement of threats. Companies, therefore, should be aware that threat may happen anytime and as a result, such instances could cripple the company’s operations or even compromise the entire information technology system. IT instance management plan involves several processes and steps. The most important among the steps are preparation, identification, containment, eradication, recovery and finally, lessons learned (Roberts, & Brown, 2017). Preparation Preparation involves assembling the right people, tools and processes so that the company will be ready to handle an IT incident immediately to reduce the severity of the outcome instead waiting for the situation to get out of control because of unpreparedness. The company will have an incident handling policy in place which will spell out a procedure on how the company systems administrator can attain permissions from the system owner. Such permission will give the system administrator authority to investigate incidents and threats in the computer networks without possible collisions with federal or state laws. The company will also have in place policy limiting privacy expectations so that the system administrators can easily monitor both the employees and the outsiders. Three policies including one informing all the system users are subject to monitoring, another on retention of email and last on the software auditing all enough. The network administrator will be the person responsible for all incident handling, but the company will have a whole IT team in case an incident needs more commitment than usual. There will also be an outside contact for full coverage in case the inside help is not sufficient. The company will set up an incident tracking system. To stop people from sniffing on the company network, the traffic will be encrypted. Lastly, training of employee in the IT department is essential is it will Keep them on a high alert. Since they are the ones dealing with COMPUTER INCIDENT RESPONSE PLAN 3 the computer on daily bases, they are more likely to see an abnormality in advance and keep the network administrator informed. Identification Here, an incident will be defined and the process of knowing that an incident has taken place. The entire help desk staff will be trained so that they can quickly be aware when an incident has taken place. They can then report the incident to the incident team for determination of severity. Such tools of detecting, identifying and communicating threats as firewall, ant viruses and other integrity tools will be installed and monitored on timely bases. Containment Before, the incident team was doing most of the things, but at this stage, one cannot avoid involving the management. It is noteworthy that the process of containing risk should not compromise the company’s work and business. Putting off the machine is a lousy containment action. Therefore, locking out a worm or an intruder will involve pulling out a cord while noting what is happening in decision making. Alternative containment will include isolating machines using such tools like the firewall. Eradication All machines with possible vulnerabilities will be checked on regular bases to ensure that all the aspects of the problem are solved. Attack vectors will be understood, removed permanently and cleanup done. In a simple situation, virus scanners will be used to remove disturbing files and clean up the system. In a severe situation, firewalls, IPS and proxy servers will be used the COMPUTER INCIDENT RESPONSE PLAN 4 removal and cleanup purpose. In the worst case situation, a whole system will be reinstalled from original media, patches applied and data restored. Recovery End users will be involved at this point. Validation procedures will be carried out on the system, and then the system put back to production. Lessons Leaned Throughout the above processes, all the vulnerabilities and recommendation will have been noted down. The network administrator will meet different expert to collect information on what went wrong, what improvements are to be done and the current atmosphere in the IT world. Conclusion Security of IT systems and infrastructure is of great importance in a company. In addition to physical security, cyber security should be prioritised. The above plan should ensure that the company IT infrastructure is free from cyber attacks. References COMPUTER INCIDENT RESPONSE PLAN Roberts, S. J., & Brown, R. (2017). Intelligence-driven incident response: Outwitting the adversary. 5
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Attached.

Running Head: BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING

Triangle Risk Assessment Profile
Student
Business Continuity and Disaster Recovery Planning

1

BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING

2

Introduction
Threats and vulnerabilities affect computer IT infrastructures of Triangle because of the
increased number of computer users in its operations. Also, the organization has experienced a
widespread digitalization and advancement of threats that adversely affect its operations. It has,
therefore, put in place measures to enable it to identify and respond to any cyber-attack threat
within the shortest time possible. The organization is much aware that the threats and
vulnerabilities that face its operation have the potential of compromising the entire information
technology system. As such, it has implemented an IT instance management plan that
incorporates several processes and steps. The most important among the steps are preparation,
identification, containment, eradication, recovery. This business continuity plan incorporates a
disaster recovery and Incident response plan that have been developed in line with the risk
assessment and business impact analysis of the organization. It has been integrated with incident
response to take over the business continuity process when the response efforts end
Part 1 Computer Incident Response Plan
Triangle Risk Assessments Profile
The risk assessments profile of Triangle reveals that the operations of the organization
expose it to both physical and computer risks. Among the highly vulnerable risks that were
identified in the risk profile assessment are asbestos, cyber-attack, internet security and
vulnerability as well as a physical intrusion by unauthorized parties (Ostrom & Wilhelmsen,
2012). The organization also noted that it may suffer huge financial losses in terms of the costs to
be incurred to correct the disaster that the computer system may suffer. Internet security risks
will lead to threats and vulnerability to the data and information stored in the computer network.

BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING

3

The likely outcome of such risks is compromising the credibility, availability, and integrity of the
data, thus making them invaluable to the company.
The threats of physical entry by external intruders into the computer system may lead to
theft of the computer hardware, software and even alteration of passwords and usernames. This
will adversely affect the company in terms of data theft, cyber bullying and fishing confidential
information for economic sabotage and malice. Other internet vulnerabilities that the
organization identified have the potential of the exposing the staff to unsuspecting fraudsters
who may fish personal information and use them for criminal acts of fraudulent activities.
Having identified the level of risks and the potential impact of every risk taking place at
the company, a sufficed measure has been put in place implement the available opportunities so
as to mitigate adverse effects of the risk, should they occur. The risks with a high probability of
occurrence have been giving priority while the risks with a low probability of occulting have
been assigning less preference. Such a move will ena...


Anonymous
I use Studypool every time I need help studying, and it never disappoints.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Similar Content

Related Tags