Академический Документы
Профессиональный Документы
Культура Документы
Appendix D
OF
PHOENIX IT SECURITY
TO
1.1.
Risk Assessment
You must ensure the safety of the computers and databases, service, level agreements, and have back-up plans in case of emergency and are unable to access network technology. The Mission-critical business systems that should be protected by the (DRP) should include, but are not limited to; Payroll, Human Resource Data, Point-of-Sale backup media, and the Web Servers.
Examples of the internal risks that may affect the business are unauthorized employees or any other unauthorized person having access to the individual stores computer systems, applications, and areas where servers and backup media are stored. Other external and environmental risks to the business include fire, floods, power outages, hardware or software failure, storms, and earthquakes
1.2.
Of the strategies of shared-site agreements, alternate sites, hot sites, cold sites, and warm sites, identify which of these recovery strategies is most appropriate for your selected scenario and why.
Page 1
With only having four separate business locations within fairly close proximity to each other it is my opinion that a shared-site agreement would be the most effective one. Sunica Music and Movies will be using the same hardware and software in each of the separate locations, this alone will eliminate compatibility issues in the event of a disaster, Natural or otherwise.
Disaster Recovery Test Plan For each testing method listed, briefly describe each method and your rationale for why it will or will not be included in your DRP test plan.
1.2.1. Walk-throughs
Members of the key business units meet to trace their steps through the plan, looking for omissions and inaccuracies (Merkow and Brethaupt, 2006). This step will be used to ensure that key employees now what their need to do when a disaster occurs at their location and what they must do to support a sister store if they have a disaster. They will also provide feedback for any problems that they observe during this process.
1.2.2. Simulations
During a practice session, critical personnel meet to perform a dry run of the emergency, mimicking the response to a true emergency as closely as possible (Merkow and Brethaupt, 2006). This testing method will be used because it will give the most realistic idea of the possible outcome of an actual disaster and familiarize employees with the appropriate responses.
1.2.3. Checklists
A more passive type of testing, members of the key departments check off the tasks for which they are responsible and report on the
Page 2
accuracy of the checklist. This is typically a first step toward a more comprehensive test (Merkow and Brethaupt, 2006). This testing method would be important because it would provide documentation to ensure that all the necessary steps have been taken.
Page 3
2. References
Cite all your references by adding the pertinent information to this section by following this example.
Merkow, M., & Breithaupt, J. (2006). Information security: Principles and practices. Pearson/Prentice Hall
Page 4