Information Technology Risk Management
Chapters: Chapter 15: Mitigating Risk with a Computer Incident Response Team
Review Lecture
Book:
Information systems security & assurance series
Jones & Barlett Learning
Managing Risk in Information Systems – Darril Gibson-second edition
Please list all references.
Cover page is not needed.
Number of pages needed: 10 for section 1+ two pages for disaster recovery plan template with total: 12 Pages (section 2)
There are two sections for this assignment.
Thank you
Assignment 5: Disaster Recovery Plan
This assignment consists of two (2) sections: a Disaster Recovery Plan (DRP), and a written DRP analysis. You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for. Additionally, you may create and /or assume all necessary assumptions needed for the completion of this assignment.
Acme National Bank of America (ANBA) has branches in Miami, FL, Detroit, MI, New York, NY, Los Angeles, CA, Denver, CO, St. Louis, MO, and Atlanta, GA. Each branch has workstations or terminals that are connected to a central data center located in Chicago, IL. Each branch also has local servers and desktop computers that are not connected to the central data center.
Senior management is concerned about the following potential events that could affect the operations of ANBA. The events include:
- Malfunctioning software
- Workstations and servers malfunctions
- Failed hard drives
- Large-scale natural disasters such as hurricanes and earthquakes
- Office fires
- Computer virus outbreaks
- Power outages caused by winter storm
- Terrorist attacks
Section 1: Disaster Recovery Plan
- Download the DRP template CIS527_A5_W9_ANBA-DRP.docx. Modify the template to create a Disaster Recovery Plan (DRP) for ANBA. Provide appropriate and accurate information for the areas outlined in the DRP template. ( THIS TEMPALTE IS IN THE BOTTOM OF THIS DOCUMENT)
Section 2: Disaster Recovery Plan Analysis
2. Write 10 pages paper in which you:
- Describe the main objectives of the ANBA DRP.
- Explain the key ways that ANBA’s DRP can help mitigate risk in the organization.
- Defend the need for DRPs in an enterprise organization such as ANBA.
- Infer on the difference between the elements of DRP between different branches of a multinational organization.
- Use at least two (2) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
- Create a disaster recovery plan (DRP) based on the findings of a given risk assessment for an organization.
- Use technology and information resources to research issues in IT risk management.
- Write clearly and concisely about topics related to IT risk management using proper writing mechanics and technical style conventions.
Acme National Bank of America (ANBA)-2015
Enterprise Disaster Recovery Plan
Event Type: <Enter the event type, e.g. fire, earthquake, etc.>
Written By: <Enter your name here>
Disaster Recovery Plan
Unit: [Branch name]
General Information
| The following person is our primary crisis manager. | If the person is unable to manage the crisis, the person below will succeed in management. | |
| Primary emergency contact | Secondary emergency contact | |
| Telephone number | Telephone number | |
| Alternative number | Alternative number | |
The following people will participate in emergency planning and crisis management.
| The following is the primary processing site for our information resources. | If the primary site becomes unavailable, the following alternate site will be used. | |
| Building | Building | |
| Street address | Street address | |
| City, state, zip code | City, state, zip code | |
| Telephone number | Telephone number |
The primary copy of this plan will be stored in the following location.
An up-to-date copy of this plan will be stored in the following off-site location.
Critical Services
The following are our critical services, the administrators of these services, and the location of the business impact analysis and backup and recovery policy for each.
| Service name |
Administrator |
|||
| Location of Business Impact Analysis | ||||
| Location of Backup and Recovery Policy | ||||
| Service name |
Administrator |
|||
| Location of Business Impact Analysis | ||||
| Location of Backup and Recovery Policy | ||||
| Service name |
Administrator |
|||
| Location of Business Impact Analysis | ||||
| Location of Backup and Recovery Policy | ||||
| Service name |
Administrator |
|||
| Location of Business Impact Analysis | ||||
| Location of Backup and Recovery Policy | ||||
| Service name |
Administrator |
|||
| Location of Business Impact Analysis | ||||
| Location of Backup and Recovery Policy | ||||
Notification
In the event of a disaster, we will communicate with our staff in the following ways:
In the event of a disaster, we will notify our users in the following ways:
In the event of a disaster, the following external people or groups will be notified:
Vendor Contact Information (Provide information on vendors needed – determine how many will be needed – add if more than 3 will be needed)
| Company name | |||||||||||||
| Street address | |||||||||||||
| City |
State |
Zip code |
|||||||||||
| Account number | |||||||||||||
| Account manager name | |||||||||||||
| Phone |
Fax |
|
|||||||||||
| Technical support contact | |||||||||||||
| Phone |
Fax |
|
|||||||||||
| Company name | |||||||||||||
| Street address | |||||||||||||
| City |
State |
Zip code |
|||||||||||
| Account number | |||||||||||||
| Account manager name | |||||||||||||
| Phone |
Fax |
|
|||||||||||
| Technical support contact | |||||||||||||
| Phone |
Fax |
|
|||||||||||
| Company name | |||||||||||||
| Street address | |||||||||||||
| City |
State |
Zip code |
|||||||||||
| Account number | |||||||||||||
| Account manager name | |||||||||||||
| Phone |
Fax |
|
|||||||||||
| Technical support contact | |||||||||||||
| Phone |
Fax |
|
|||||||||||
Employee Contact Information
| Employee name | |||||
| Home phone |
Cell phone |
||||
| Employee name | |||||
| Home phone |
Cell phone |
||||
| Employee name | |||||
| Home phone |
Cell phone |
||||
| Employee name | |||||
| Home phone |
Cell phone |
||||
| Employee name | |||||
| Home phone |
Cell phone |
||||
| Employee name | |||||
| Home phone |
Cell phone |
||||
Notes:
Annual Review
| We will review and update this disaster plan in |
Approval
| Department head or chair. | Technical manager or lead. | |
| Signature | Signature | |
| Printed name | Printed name | |
| Date | Date |
