SearchDisasterRecovery IT DisasterRecoveryTemplate

<Client Name>
IT Disaster Recovery Plan Template By Paul Kirvan, CISA, CISSP, FBCI, CBCP
Revision History
REVISION Original 1.0 DATE NAME DESCRIPTION
Table of Contents
By Paul Kirvan, CISA, CISSP, FBCI, CBCP......................................................................1 Information Technology Statement of Intent.......................................................................5 Policy Statement.................................................................................................................. 5 Objectives ........................................................................................................................... 5 Key Personnel Contact Info................................................................................................. 6 Notification Calling Tree ................................................................................................ 7 External Contacts................................................................................................................. 8 External Contacts Calling Tree......................................................................................10 1 Plan Overview.................................................................................................................11 1.1 Plan Updating...........................................................................................................11 1.2 Plan Documentation Storage....................................................................................11 1.3 Backup Strategy....................................................................................................... 11 1.4 Risk Management.................................................................................................... 11 2 Emergency Response...................................................................................................... 12 2.1 Alert, escalation and plan invocation.......................................................................12 2.1.1 Plan Triggering Events..................................................................................... 12 2.1.2 Assembly Points...............................................................................................12 2.1.3 Activation of Emergency Response Team........................................................12 2.2 Disaster Recovery Team.......................................................................................... 13 2.3 Emergency Alert, Escalation and DRP Activation.................................................. 13 2.3.1 Emergency Alert............................................................................................... 13 2.3.2 DR Procedures for Management.......................................................................14 2.3.3 Contact with Employees................................................................................... 14 2.3.4 Backup Staff......................................................................................................14 2.3.5 Recorded Messages / Updates.......................................................................... 14 2.3.7 Alternate Recovery Facilities / Hot Site........................................................... 14 2.3.8 Personnel and Family Notification................................................................... 14 3 Media.............................................................................................................................. 15 3.1 Media Contact.........................................................................................................15 3.2 Media Strategies......................................................................................................15 3.3 Media Team............................................................................................................. 15 3.4 Rules for Dealing with Media..................................................................................15 4 Insurance ........................................................................................................................ 15 5 Financial and Legal Issues.............................................................................................. 16 5.1 Financial Assessment...............................................................................................16 5.2 Financial Requirements........................................................................................... 16 5.3 Legal Actions........................................................................................................... 16 6 DRP Exercising...............................................................................................................16 Appendix A Technology Disaster Recovery Plan Templates ........................................17
3
Disaster Recovery Plan for <System One>................................................................... 17 Disaster Recovery Plan for <System Two>...................................................................19 Disaster Recovery Plan for Local Area Network (LAN)...............................................21 Disaster Recovery Plan for Wide Area Network (WAN)..............................................23 Disaster Recovery Plan for Remote Connectivity......................................................... 25 Disaster Recovery Plan for Voice Communications..................................................... 27 Appendix B Suggested Forms........................................................................................ 29 Damage Assessment Form.............................................................................................29 Management of DR Activities Form..............................................................................29 Disaster Recovery Event Recording Form.................................................................... 30 Disaster Recovery Activity Report Form...................................................................... 30 Mobilizing the Disaster Recovery Team Form .............................................................31 Mobilizing the Business Recovery Team Form ............................................................31 Monitoring Business Recovery Task Progress Form ....................................................32 Preparing the Business Recovery Report Form ............................................................ 32 Communications Form ..................................................................................................33 Returning Recovered Business Operations to Business Unit Leadership.....................33 Business Process/Function Recovery Completion Form...............................................34
Information Technology Statement of Intent

This document delineates our policies and procedures for technology disaster recovery, as well as our process-level plans for recovering critical technology platforms and the telecommunications infrastructure. This document summarizes our recommended procedures. In the event of an actual emergency situation, modifications to this document may be made to ensure physical safety of our people, our systems, and our data. ur mission is to ensure information system uptime, data integrity and availability, and business continuity.
Policy Statement
!orporate management has approved the following policy statement" The company shall develop a comprehensive IT disaster recovery plan. # formal ris$ assessment shall be underta$en to determine the re%uirements for the disaster recovery plan. The disaster recovery plan should cover all essential and critical infrastructure elements, systems and networ$s, in accordance with $ey business activities. The disaster recovery plan should be periodically tested in a simulated environment to ensure that it can be implemented in emergency situations and that the management and staff understand how it is to be e&ecuted. #ll staff must be made aware of the disaster recovery plan and their own respective roles. The disaster recovery plan is to be $ept up to date to ta$e into account changing circumstances.
Objectives
The principal ob'ective of the disaster recovery program is to develop, test and document a well-structured and easily understood plan which will help the company recover as %uic$ly and effectively as possible from an unforeseen disaster or emergency which interrupts information systems and business operations. #dditional ob'ectives include the following" The need to ensure that all employees fully understand their duties in implementing such a plan The need to ensure that operational policies are adhered to within all planned activities The need to ensure that proposed contingency arrangements are cost-effective The need to consider implications on other company sites (isaster recovery capabilities as applicable to $ey customers, vendors and others
Key Personnel Contact Info

Name, Title Contact Option Contact Number
*or$ #lternate +obile ,ome -mail #ddress #lternate -mail *or$ #lternate +obile ,ome -mail #ddress #lternate -mail *or$ #lternate +obile ,ome -mail #ddress #lternate -mail *or$ #lternate +obile ,ome -mail #ddress #lternate -mail *or$ #lternate +obile ,ome -mail #ddress #lternate -mail *or$ #lternate +obile ,ome -mail #ddress #lternate -mail
Notification Calling Tree
Person Identifying Incident
External Contacts
Name, Title Contact Option Contact Number
Landlord / Property Manager #ccount 0umber 0one *or$ +obile ,ome -mail #ddress Power Company #ccount 0umber
*or$ +obile ,ome -mail #ddress
Telecom Carrier 1 #ccount 0umber
*or$ +obile 1a& ,ome -mail #ddress
Telecom Carrier 2 #ccount 0umber
Hardware Supplier 1 #ccount 0umber
*or$ +obile -mergency 2eporting -mail #ddress
Ser er Supplier 1 #ccount 0umber.
*or$ +obile 1a& -mail #ddress
!or"#tation Supplier 1 #ccount 0umber
O$$ice Supplie# 1 #ccount 0umber !334)/53
*or$ +obile ,ome -mail #ddress 5
Name, Title
Contact Option
Contact Number
%n#urance & Name #ccount 0umber
Site Security & #ccount 0umber
O$$'Site Storage 1 #ccount 0umber
O$$'Site Storage 2 #ccount 0umber
6ser I( 7assword ,ome -mail #ddress
H()C & #ccount 0umber
Power *enerator & #ccount 0umber
Ot+er & #ccount 0umber
External Contacts Calling Tree
83
1 Plan Overview 1 1 Plan !"#ating

It is necessary for the (27 updating process to be properly structured and controlled. *henever changes are made to the plan they are to be fully tested and appropriate amendments should be made to the training materials. This will involve the use of formalized change control procedures under the control of the IT (irector.
1 $ Plan %oc&mentation Storage

!opies of this 7lan, !(, and hard copies will be stored in secure locations to be defined by the company. -ach member of senior management will be issued a !( and hard copy of this plan to be filed at home. -ach member of the (isaster 2ecovery Team and the 9usiness 2ecovery Team will be issued a !( and hard copy of this plan. # master protected copy will be stored on specific resources established for this purpose.
1 ' (ac)&" Strategy

:ey business processes and the agreed bac$up strategy for each are listed below. The strategy chosen is for a fully mirrored recovery site at the company;s offices in <<<<<. This strategy entails the maintenance of a fully mirrored duplicate site which will enable instantaneous switching between the live site =head%uarters> and the bac$up site.
KE* (!SINESS P+OCESS (,CK!P ST+,TE-*
IT Operations Tech Support - Hardware Tech Support - Software Facilities Management Email Purchasing isaster !ecovery Finance "ontracts #dmin $arehouse % Inventory Product Sales Maintenance Sales Human !esources Testing Fully Mirrored !ecovery site $or&shop Fully Mirrored !ecovery site "all "enter $e' Site
Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Off-site data storage facility Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site
1 . +is) /anagement
There are many potential disruptive threats which can occur at any time and affect the normal business process. *e have considered a wide range of potential threats and the
88
results of our deliberations are included in this section. -ach potential environmental disaster or emergency situation has been e&amined. The focus here is on the level of business disruption which could arise from each type of disaster. 7otential disasters have been assessed as follows"
Potential %isaster Probability +ating Im"act +ating (rief %escri"tion Of Potential Conse0&ences 1 +eme#ial ,ctions
Flood Fire
( (
) )
#ll critical e*uipment is located on +st Floor FM,-- suppression system installed in main computer centers. Fire and smo&e detectors on all floors.
Tornado Electrical storms #ct of terrorism #ct of sa'otage Electrical power failure
/ / / / (
3oss of communications networ& services Pro'a'ility6 +78ery High5 /78ery 3ow
!edundant 0PS array together with auto stand'y generator that is tested wee&ly % remotely monitored ,)12. 0PSs also remotely monitored. Two diversely routed T+ trun&s into 'uilding. $#4 redundancy5 voice networ& resilience
Impact6 +7Total destruction5 /7Minor annoyance
$ Emergency +es"onse
$1 ,lert2 escalation an# "lan invocation
2.1.1 PlanTriggeringEvents
:ey trigger issues at head%uarters that would lead to activation of the (27 are" Total loss of all communications Total loss of power 1looding of the premises ?oss of the building
2.1.2 AssemblyPoints
*here the premises need to be evacuated, the (27 invocation plan identifies two evacuation assembly points" 7rimary @ 1ar end of main par$ing lotA #lternate @ 7ar$ing lot of company across the street
2.1.3 Activationof EmergencyResponseTeam

*hen an incident occurs the -mergency 2esponse Team =-2T> must be activated. The -2T will then decide the e&tent to which the (27 must be invo$ed. #ll employees must
82
be issued a Buic$ 2eference card containing -2T contact details to be used in the event of a disaster. 2esponsibilities of the -2T are to" 2espond immediately to a potential disaster and call emergency servicesA #ssess the e&tent of the disaster and its impact on the business, data center, etc.A (ecide which elements of the (2 7lan should be activatedA -stablish and manage disaster recovery team to maintain vital services and return to normal operationA -nsure employees are notified and allocate responsibilities and activities as re%uired.
$ $ %isaster +ecovery Team

The team will be contacted and assembled by the -2T. The teamCs responsibilities include" -stablish facilities for an emergency level of service within 2.3 business hoursA 2estore $ey services within 4.3 business hours of the incidentA 2ecover to business as usual within 5.3 to 24.3 hours after the incidentA !oordinate activities with disaster recovery team, first responders, etc. 2eport to the emergency response team.
$'
Emergency ,lert2 Escalation an# %+P ,ctivation
This policy and procedure has been established to ensure that in the event of a disaster or crisis, personnel will have a clear understanding of who should be contacted. 7rocedures have been addressed to ensure that communications can be %uic$ly established while activating disaster recovery. The (2 plan will rely principally on $ey members of management and staff who will provide the technical and management s$ills necessary to achieve a smooth technology and business recovery. Duppliers of critical goods and services will continue to support recovery of business operations as the company returns to normal operating mode.
2.3.1 EmergencyAlert
The person discovering the incident calls a member of the -mergency 2esponse Team in the order listed" -mergency 2esponse Team E <<<<<<<<< E <<<<<<<<< E <<<<<<<<< If not available try" E <<<<<<<<< E <<<<<<<<<
83
The -mergency 2esponse Team =-2T> is responsible for activating the (27 for disasters identified in this plan, as well as in the event of any other occurrence that affects the company;s capability to perform normally. ne of the tas$s during the early stages of the emergency is to notify the (isaster 2ecovery Team =(2T> that an emergency has occurred. The notification will re%uest (2T members to assemble at the site of the problem and will involve sufficient information to have this re%uest effectively communicated. The 9usiness 2ecovery Team =92T> will consist of senior representatives from the main business departments. The 92T ?eader will be a senior member of the companyCs management team, and will be responsible for ta$ing overall charge of the process and ensuring that the company returns to normal wor$ing operations as early as possible.
2.3.2 DR Proceduresfor Management

+embers of the management team will $eep a hard copy of the names and contact numbers of each employee in their departments. In addition, management team members will have a hard copy of the company;s disaster recovery and business continuity plans on file in their homes in the event that the head%uarters building is inaccessible, unusable, or destroyed.
2.3.3 Contactwith Employees

+anagers will serve as the focal points for their departments, while designated employees will call other employees to discuss the crisisFdisaster and the company;s immediate plans. -mployees who cannot reach staff on their call list are advised to call the staff member;s emergency contact to relay information on the disaster.
2.3.4 BackupStaff
If a manager or staff member designated to contact other staff members is unavailable or incapacitated, the designated bac$up staff member will perform notification duties.
2.3.5 RecordedMessages/ Updates

1or the latest information on the disaster and the organization;s response, staff members can call a toll-free hotline listed in the (27 wallet card. Included in messages will be data on the nature of the disaster, assembly sites, and updates on wor$ resumption.
2.3.7 AlternateRecoveryFacilities/ Hot Site

If necessary, the hot site at DunGard will be activated and notification will be given via recorded messages or through communications with managers. ,ot site staffing will consist of members of the disaster recovery team only for the first 24 hours, with other staff members 'oining at the hot site as necessary.
2.3.8 Personneland FamilyNotification

If the incident has resulted in a situation which would cause concern to an employee;s immediate family such as hospitalization of in'ured persons, it will be necessary to notify their immediate family members %uic$ly.
84
' /e#ia ' 1 /e#ia Contact

#ssigned staff will coordinate with the media, wor$ing according to guidelines that have been previously approved and issued for dealing with post-disaster communications.
' $ /e#ia Strategies

8. #voiding adverse publicity 2. Ta$e advantage of opportunities for useful publicity 3. ,ave answers to the following basic %uestions" *hat happenedH ,ow did it happenH *hat are you going to do about itH
' ' /e#ia Team

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
' . +&les for %ealing with /e#ia

Only the media team is permitted direct contact with the mediaA anyone else contacted should refer callers or in-person media representatives to the media team.
. Ins&rance
#s part of the company;s disaster recovery and business continuity strategies a number of insurance policies have been put in place. These include errors and omissions, directors I officers liability, general liability, and business interruption insurance. If insurance-related assistance is required following an emergency out of normal business hours, please contact: ____________________________________________
Policy Name Coverage Ty"e Coverage Perio# ,mo&nt Of Coverage Person +es"onsible 3or Coverage Next +enewal %ate
8)
4 3inancial an# 5egal Iss&es 4 1 3inancial ,ssessment

The emergency response team shall prepare an initial assessment of the impact of the incident on the financial affairs of the company. The assessment should include" ?oss of financial documents ?oss of revenue Theft of chec$ boo$s, credit cards, etc. ?oss of cash
4 $ 3inancial +e0&irements
The immediate financial needs of the company must be addressed. These can include" !ash flow position Temporary borrowing capability 6pcoming payments for ta&es, payroll ta&es, Docial Decurity, etc. #vailability of company credit cards to pay for supplies and services re%uired postdisaster
4 ' 5egal ,ctions

The company legal department and -2T will 'ointly review the aftermath of the incident and decide whether there may be legal actions resulting from the eventA in particular, the possibility of claims by or against the company for regulatory violations, etc.
6 %+P Exercising
(isaster recovery plan e&ercises are an essential part of the plan development process. In a (27 e&ercise no one passes or failsA everyone who participates learns from e&ercises @ what needs to be improved, and how the improvements can be implemented. 7lan e&ercising ensures that emergency teams are familiar with their assignments and, more importantly, are confident in their capabilities. Duccessful (2 plans launch into action smoothly and effectively when they are needed. This will only happen if everyone with a role to play in the plan has rehearsed the role one or more times. The plan should also be validated by simulating the circumstances within which it has to wor$ and seeing what happens.
8.
,""en#ix , 7 Technology %isaster +ecovery Plan Tem"lates %isaster +ecovery Plan for 8System One9
S,ST-M O(-.(%-! P.O/0CT% ON S-.(-. ?ocation" Derver +odel" perating Dystem" !76s" +emory" Total (is$" Dystem ,andle" Dystem Derial J" (0D -ntry" I7 #ddress" ther" 7rovide details
HOT S%T- S-.(-. )PPL%C)T%ONS =6se bold for ,ot Dite> )SSOC%)T-/ S-.(-.S 1-, CONT)CTS ,ardware Kendor Dystem wners (atabase wner #pplication wners Doftware Kendors ffsite Dtorage 2)C10P ST.)T-*, 3O. S,ST-M ON(aily +onthly Buarterly S,ST-M ON/%S)ST-. .-CO(-., P.OC-/0.-
7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details
7rovide details 7rovide details 7rovide details
7rovide details Dcenario 8 Total ?oss of (ata 7rovide details Dcenario 2 Total ?oss of ,*
8/
,%%EN%!/ CONT)CTS
3ile Systems 8#ate9 3ile Sy#tem a# o$ 4date5 +inimal file systems to be created and restored from bac$up" L?istM ther critical files to modify 0ecessary directories to create !ritical files to restore Decondary files to restore ther files to restore L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM 3ile#y#tem L7rovide detailsM "byte# 0#ed ) ail 6u#ed Mounted on
85
%isaster +ecovery Plan for 8System Two9

S,ST-M O(-.(%-! P.O/0CT% ON S-.(-. ?ocation" Derver +odel" perating Dystem" !76s" +emory" Total (is$" Dystem ,andle" Dystem Derial J" (0D -ntry" I7 #ddress" ther" 7rovide details
HOT S%T- S-.(-. )PPL%C)T%ONS =6se bold for ,ot Dite> )SSOC%)T-/ S-.(-.S 1-, CONT)CTS ,ardware Kendor Dystem wners (atabase wner #pplication wners Doftware Kendors ffsite Dtorage 2)C10P ST.)T-*, $or S,ST-M T!O (aily +onthly Buarterly S,ST-M T!O /%S)ST-. .-CO(-., P.OC-/0.-
84
,%%EN%!/ CONT)CTS
3ile Systems 8#ate9 1ile Dystem as of LdateM +inimal file systems to be created and restored from bac$up" L?istM ther critical files to modify 0ecessary directories to create !ritical files to restore Decondary files to restore ther files to restore L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM 3ile#y#tem L7rovide detailsM "byte# 0#ed ) ail 6u#ed Mounted on
23
%isaster +ecovery Plan for 5ocal ,rea Networ) :5,N;

S,ST-M O(-.(%-! S-.(-.
HOT S%T- S-.(-. )PPL%C)T%ONS =6se bold for ,ot Dite> )SSOC%)T-/ S-.(-.S 1-, CONT)CTS ,ardware Kendor Dystem wners (atabase wner #pplication wners Doftware Kendors ffsite Dtorage 2)C10P ST.)T-*, $or S,ST-M T!O (aily +onthly Buarterly S,ST-M T!O /%S)ST-. .-CO(-., P.OC-/0.-
?ocation" Derver +odel" perating Dystem" !76s" +emory" Total (is$" Dystem ,andle" Dystem Derial J" (0D -ntry" I7 #ddress" ther" 7rovide details
28
,%%EN%!/ CONT)CTS
3ile Systems 8#ate9 1ile Dystem as of LdateM +inimal file systems to be created and restored from bac$up" L?istM ther critical files to modify 0ecessary directories to create !ritical files to restore Decondary files to restore ther files to restore L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM 3ile#y#tem L7rovide detailsM "byte# 0#ed ) ail 6u#ed Mounted on
22
%isaster +ecovery Plan for <i#e ,rea Networ) :<,N;

S,ST-M O(-.(%-! -70%PM-NT
HOT S%T- -70%PM-NT SP-C%)L )PPL%C)T%ONS )SSOC%)T-/ /-(%C-S 1-, CONT)CTS ,ardware Kendor Dystem wners (atabase wner #pplication wners Doftware Kendors ffsite Dtorage 0etwor$ Dervices 2)C10P ST.)T-*, $or S,ST-M T!O (aily +onthly Buarterly S,ST-M T!O /%S)ST-. .-CO(-., P.OC-/0.-
?ocation" (evice Type" +odel 0o." Technical Dpecifications" 0etwor$ Interfaces" 7ower 2e%uirementsA Dystem Derial J" (0D -ntry" I7 #ddress" ther" 7rovide details
7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details
7rovide details Dcenario 8 Total ?oss of 0etwor$ 7rovide details Dcenario 2 Total ?oss of ,*
23
,%%EN%!/ CONT)CTS
S&""ort Systems 8#ate9 Dupport system !ritical networ$ assets !ritical interfaces !ritical files to restore !ritical networ$ services to restore ther services L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM
24
%isaster +ecovery Plan for +emote Connectivity

S,ST-M O(-.(%-! -70%PM-NT
7rovide details Dcenario 8 Total ?oss of 0etwor$ 7rovide details Dcenario 2 Total ?oss of ,*
2)
,%%EN%!/ CONT)CTS
2.
%isaster +ecovery Plan for =oice Comm&nications

S,ST-M O(-.(%-! -70%PM-NT
7rovide details Dcenario 8 Total ?oss of Dwitch 7rovide details Dcenario 2 Total ?oss of 0etwor$
2/
,%%EN%!/ CONT)CTS
25
,""en#ix ( 7 S&ggeste# 3orms %amage ,ssessment 3orm

Key (&siness Process ,ffecte# %escri"tion Of Problem Extent Of %amage
>>>>>>>>>>>>>
/anagement of %+ ,ctivities 3orm

(uring the disaster recovery process all activities will be determined using a standard structureA *here practical, this plan will need to be updated on a regular basis throughout the disaster recovery periodA #ll actions that occur during this phase will need to be recorded.
,ctivity Name? +eference N&mber? (rief %escri"tion?
Commencement %ate@Time
Com"letion %ate@Time
+eso&rces Involve#
In Charge
999999999999999999
24
%isaster +ecovery Event +ecor#ing 3orm

#ll $ey events that occur during the disaster recovery phase must be recorded. #n event log shall be maintained by the disaster recovery team leader. This event log should be started at the commencement of the emergency and a copy of the log passed on to the business recovery team once the initial dangers have been controlled. The following event log should be completed by the disaster recovery team leader to record all $ey events during disaster recovery, until such time as responsibility is handed over to the business recovery team.
%escri"tion of %isaster? Commencement %ate? %ate@Time %+ Team /obiliAe#?
,ctivities !n#erta)en by %+ Team %ate an# Time O&tcome 3ollowBOn ,ction +e0&ire#
%isaster +ecovery TeamCs <or) Com"lete#? : ate; Event 5og Passe# to (&siness +ecovery Team? : ate;
>>>>>>>>>>>>>>>>>
%isaster +ecovery ,ctivity +e"ort 3orm

n completion of the initial disaster recovery response the (2T leader should prepare a report on the activities underta$en. The report should contain information on the emergency, who was notified and when, action ta$en by members of the (2T together with outcomes arising from those actions. The report will also contain an assessment of the impact to normal business operations. The report should be given to business recovery team leader, with a copy to senior management, as appropriate. # disaster recovery report will be prepared by the (2T leader on completion of the initial disaster recovery response. In addition to the business recovery team leader, the report will be distributed to senior management
33
The report will include" # description of the emergency or incident Those people notified of the emergency =including dates> #ction ta$en by members of the (2T utcomes arising from actions ta$en #n assessment of the impact to normal business operations #ssessment of the effectiveness of the 9!7 and lessons learned ?essons learned >>>>>>>>>>
/obiliAing the %isaster +ecovery Team 3orm

1ollowing an emergency re%uiring recovery of technology infrastructure assets, the disaster recovery team should be notified of the situation and placed on standby. The format shown below can be used for recording the activation of the (2 team once the wor$ of the damage assessment and emergency response teams has been completed.
%escri"tion of Emergency? ate Occurred6 ate $or& of isaster !ecovery Team "ompleted6
Name of Team /ember Contact %etails Contacte# On :Time @ %ate; (y <hom +es"onse Start %ate +e0&ire#
!elevant "omments <e.g.5 Specific Instructions Issued=
>>>>>>>>>>>
/obiliAing the (&siness +ecovery Team 3orm

1ollowing an emergency re%uiring activation of the disaster recovery team, the business recovery team should be notified of the situation and placed on standby. The format shown below will be used for recording the activation of the business recovery team once the wor$ of the disaster recovery team has been completed.
%escri"tion of Emergency? ate Occurred6 ate $or& of >usiness !ecovery Team "ompleted6
Name of Team /ember Contact %etails Contacte# On :Time @ %ate; (y <hom +es"onse Start %ate +e0&ire#
38
!elevant "omments <e.g.5 Specific Instructions Issued=
>>>>>>>>>>>>
/onitoring (&siness +ecovery Tas) Progress 3orm

The progress of technology and business recovery tas$s must be closely monitored during this period of time. Dince difficulties e&perienced by one group could significantly affect other dependent tas$s it is important to ensure that each tas$ is ade%uately resourced and that the efforts re%uired to restore normal business operations have not been underestimated.
Note: A priority sequence must be identified although, where possible, activities will be carried out simultaneously.
!ecovery Tas&s <Order of Priority) Person<s= !esponsi'le "ompletion ate Estimated #ctual Milestones Identified Other !elevant Information
8. 2. 3. 4. ). .. /.
99999999999
Pre"aring the (&siness +ecovery +e"ort 3orm

n completion of business recovery activities the 92T leader should prepare a report on the activities underta$en and completed. The report should contain information on the disruptive event, who was notified and when, action ta$en by members of the 92T together with outcomes arising from those actions. The report will also contain an assessment of the impact to normal business operations. The report should be distributed to senior management, as appropriate.
The contents of the report shall include" # description of the incident 7eople notified of the emergency =including dates> #ction ta$en by the business recovery team utcomes arising from actions ta$en
32
#n assessment of the impact to normal business operations 7roblems identified Duggestions for enhancing the disaster recovery andFor business continuity plan ?essons learned
Comm&nications 3orm
It is very important during the disaster recovery and business recovery activities that all affected persons and organizations are $ept properly informed. The information given to all parties must be accurate and timely. In particular, any estimate of the timing to return to normal wor$ing operations should be announced with care. It is also very important that only authorized personnel deal with media %ueries.
Persons Selected To "oordinate "ommunications to #ffected Persons 1 Organi@ations 4ame Position "ontact etails
?roups of Persons or Organi@ations #ffected 'y isruption
"ustomers Management % Staff Suppliers Media Sta&eholders Others
>>>>>>>>>>>>
+et&rning +ecovere# (&siness O"erations to (&siness !nit 5ea#ershi"

nce normal business operations have been restored it will be necessary to return the responsibility for specific operations to the appropriate business unit leader. This process should be formalized in order to ensure that all parties understand the change in overall responsibility, and the transition to business-as-usual. It is li$ely that during the recovery process, overall responsibility may have been assigned to the business recovery process lead. It is assumed that business unit management will be fully involved throughout the recovery, but in order for the recovery process to be fully effective, overall responsibility during the recovery period should probably be with a business recovery process team.
>>>>>>>>>>>>
33
(&siness Process@3&nction +ecovery Com"letion 3orm

The following transition form should be completed and signed by the business recovery team leader and the responsible business unit leader, for each process recovered. # separate form should be used for each recovered business process.
Name Of (&siness Process Com"letion %ate of <or) Provi#e# by (&siness +ecovery Team %ate of Transition (ac) to (&siness !nit /anagement (If different than completion date)
I confirm that the wor& of the 'usiness recovery team has 'een completed in accordance with the disaster recovery plan for the a'ove process5 and that normal 'usiness operations have 'een effectively restored. >usiness !ecovery Team 3eader 4ame6 9999999999999999999999999999999999999999 Signature6 9999999999999999999999999999999999999999999999999999999999999999 ate6 99999999999999999999999999 (Any relevant comments by the BRT leader in connection with the return of this business process should be made here.)
I confirm that a'ove 'usiness process is now accepta'le for normal wor&ing conditions. 4ame6 9999999999999999999999999999999999999999999999999999999999999999999 Title6 99999999999999999999999999999999999999999999999999999999999999999999 Signature6 9999999999999999999999999999999999999999999999999999999999999999 ate6 99999999999999999999999999
34

SearchDisasterRecovery IT DisasterRecoveryTemplate

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

SearchDisasterRecovery IT DisasterRecoveryTemplate

Загружено:

Авторское право:

Доступные форматы

<Client Name>

Information Technology Statement of Intent

Key Personnel Contact Info

Notification Calling Tree

Person Identifying Incident

*or$ +obile ,ome -mail #ddress

Telecom Carrier 1 #ccount 0umber

*or$ +obile 1a& ,ome -mail #ddress

Telecom Carrier 2 #ccount 0umber

*or$ +obile ,ome -mail #ddress

Hardware Supplier 1 #ccount 0umber

*or$ +obile -mergency 2eporting -mail #ddress

Ser er Supplier 1 #ccount 0umber.

*or$ +obile 1a& -mail #ddress

!or"#tation Supplier 1 #ccount 0umber

*or$ +obile ,ome -mail #ddress

O$$ice Supplie# 1 #ccount 0umber !334)/53

*or$ +obile ,ome -mail #ddress 5

%n#urance & Name #ccount 0umber

*or$ +obile ,ome -mail #ddress

Site Security & #ccount 0umber

*or$ +obile ,ome -mail #ddress

O$$'Site Storage 1 #ccount 0umber

*or$ +obile ,ome -mail #ddress

O$$'Site Storage 2 #ccount 0umber

6ser I( 7assword ,ome -mail #ddress

H()C & #ccount 0umber

*or$ +obile ,ome -mail #ddress

Power *enerator & #ccount 0umber

*or$ +obile ,ome -mail #ddress

Ot+er & #ccount 0umber

*or$ +obile ,ome -mail #ddress

External Contacts Calling Tree

1 Plan Overview 1 1 Plan !"#ating

1 $ Plan %oc&mentation Storage

1 ' (ac)&" Strategy

3oss of communications networ& services Pro'a'ility6 +78ery High5 /78ery 3ow

Impact6 +7Total destruction5 /7Minor annoyance

2.1.3 Activationof EmergencyResponseTeam

$ $ %isaster +ecovery Team

Emergency ,lert2 Escalation an# %+P ,ctivation

2.3.2 DR Proceduresfor Management

2.3.3 Contactwith Employees

2.3.5 RecordedMessages/ Updates

2.3.7 AlternateRecoveryFacilities/ Hot Site

2.3.8 Personneland FamilyNotification

' /e#ia ' 1 /e#ia Contact

' $ /e#ia Strategies

' ' /e#ia Team

' . +&les for %ealing with /e#ia

4 3inancial an# 5egal Iss&es 4 1 3inancial ,ssessment

4 ' 5egal ,ctions

7rovide details 7rovide details 7rovide details

%isaster +ecovery Plan for 8System Two9

7rovide details 7rovide details 7rovide details

%isaster +ecovery Plan for 5ocal ,rea Networ) :5,N;

7rovide details 7rovide details 7rovide details

%isaster +ecovery Plan for <i#e ,rea Networ) :<,N;

7rovide details 7rovide details 7rovide details

%isaster +ecovery Plan for +emote Connectivity

7rovide details 7rovide details 7rovide details

%isaster +ecovery Plan for =oice Comm&nications

7rovide details 7rovide details 7rovide details