Disaster Recovery Plan

Disaster Recovery Plan

Provide an overview of the organization that will be delivered to senior management, defining the business goals and objectives and the size, layout, and structure of the organization. TechWidgets Inc., is an e-commerce company that provides merchandise to its customers through a web store. The core infrastructure is made up of 10 web servers in a single cluster to handle browsing requests, 5 servers in the web store clusters to hand transactions and processing and 5 a data cluster stored on a storage area network (SAN). The core network is connected to the internet via 2 high speed connections (T-3) from two different providers. This infrastructure is replicated in the organization’s alternate hot site for immediate failover in the event of a disaster to prevent any unscheduled downtime as well as being able to appropriately load balance any spikes in activity that would provide a less than adequate shopping experience for customers. The primary data center is located in Los Angeles, California and the hot site data center is located in Atlanta, Georgia. Although the cost associated with this configuration is high, it is the best way to provide the continuity of the business in the event of a catastrophic event such as a fire, flood or an earthquake.

Diagram of the organization’s network architecture and the proposed network architecture of an alternate computing facility in the event of a disaster. Develop the DRP Policy Disaster Declaration Assessment of Security Security and control within an organization is a continuing concern. It is preferable, from an economic and business strategy perspective, to concentrate on activities that have the effect of reducing the possibility of disaster occurrence, rather than concentrating primarily on minimizing impact of an actual disaster. This phase addresses measures to reduce the probability of occurrence. Security assessment of the computing and communications environment including personnel practices; physical security; operating procedures; backup and contingency planning; systems development and maintenance; database security; data and voice communications security; systems and access control software security; insurance; security planning and administration; and application controls. An accurate security assessment will enable the project team to improve any existing emergency plans and disaster prevention measures and to implement required emergency plans and disaster prevention measures where none exist. After the assessment is done presentation of the findings and recommendations resulting from the activities of the security assessment to the management so that corrective actions can be initiated in a timely manner. Potential Disaster Scenario and Methods of Dealing with the Disaster The risk of running an e-commerce business is not much different than running a traditional business. You have personnel, building assets and technology assets so the potential disasters are similar. For example, in the event of a fire due to sabotage, electrical malfunction, or even the risk of wildfires, there are several measure that possible in dealing with a fire. Preventative and detective measures such as fire and smoke alarms are available to the facility, halon system to extinguish the fire if it breaks out in the data center computing areas, training users through the use of fire drills, proper documentation of diagrams of the building and all appropriate fire paths to exists are all ways to deal with a fire based disaster. Disaster Recovery Procedures Should the fire be detected in the data center computing area (server room), the alarm will sound and all personnel should immediately exit the building, especially anyone in the server room because halon exposure is deadly, along the routes determined by supervisors. The halon extinguishing system will seal the server room and activate, eliminating the fire within seconds. If fire is detected in any other zone, the sprinkler system will active and send a deluge of water throughout the affected area to extinguish the fire. Emergency response and fire personnel have an expected arrival time on site of 15 minutes after the alarm and organizational personnel are to reenter the building until the all clear is given by the fire department. Once the all clear has been given and if there was an actual fire, the IRT should get to work on dealing with the incident. Develop an Incident Response Team (IRT) charter Executive Summary The elements of a traditional agency computer security effort continue to be important and useful. There are several reasons that necessitate the establishment of an incident response plan and a few of them are that computers are widespread throughout the agency and the business relies heavily on computers and cannot afford them to be down for any significant amount of time. The organization’s computer systems and networks are at a high risk to threats such as computer viruses, intrusions, and denial of service attacks as well as the same risks that traditional businesses face such as fires, earthquakes and floods. These events can cause the company to face unnecessary expense in productivity, significant damage to systems, and damage to our reputation. The inability to address these risks is not an option, so the need now exists to take action prior to suffering the consequences of a serious computer security problem. Mission Statement Improve the security of the TechWidgets Inc., information infrastructure, minimize the threat of damage resulting from an incident and promote the prevention of such incidents in the future. Incident Declaration Declaration of the disaster and implementation of the emergency response can only occur when senior management requires it so. However, the following events have been prequalified as disasters: Damage, destruction, or an outage of the two following resources – Web Front end cluster, Web store Cluster, Data Cluster, Core Router 1,Core Router 3, Firewall 1, Firewall 2, ISP Link 1, and ISP Link2. Any other events, including but not limited to fires, worms, viruses, and other malware are subject to classification by management and to be handled appropriately. Organizational Structure Incident Response Management Incident Response Coordinator Technical Support Team Technical Assessment Team Communications Team Incident Response Support Roles and Responsibilities and Information Flow and Methods of Communication. * The technical assessment team is responsible for monitoring all sources of alerts, logs, and other warnings in the environment. In the event of an incident, they are responsible for determining if a response is necessary and notifying the coordinator. * The incident response coordinator tracks all reported potential threats, notifies management in the event of potential threats with the appropriate recommendation of action, alerts the communication team of threats and potential disasters. * The communications team is responsible for informing the employees of the organization of the activities of the IR team, and informing the other members of the IR team of the decisions made by IR management. * IR Management’s role is to determine when the risk has been mitigated to an reasonable level, give updates to upper management when needed, estimate the level of damage or impact of the incident, and document lessons learned for the disaster recovery process. * The technical support team is the expertise that is needed to carry out the functions required to get the business back up and running. This includes technical ability from I.T., facilities, infrastructure, HVAC, etc. Methods and Services Provided by the IRT. To adequately respond to an incident, predetermined teams will participate depending on the incident characteristics. As the situation develops and the impact becomes more significant, the various teams will be called to participate. Regardless of the type of incident, a six step method is generally followed to respond to an incident. 1. Preparation, one of the most important facilities to a response plan is to know how to use it once it is in place. The company has documentation for incidents of several types and levels of impact. Please see the risk assessment plan for details. 2. Identification, identify whether or not an incident has occurred. Proper analysis of log files and alerts will provide the required information for this step. 3. Containment involves limiting the scope and magnitude of an incident. 4. Eradication involves removing the cause of the incident. This can be done by restoring services and configurations to the last known good state or by completely rebuilding it based on the configuration information that was previously documented. 5. Recovery is restoring a system to its normal business status. This assumes that the eradication process was successful and that the services/configurations have been validated and verified as good. 6. Follow-up, this is where lessons learned are documented and modifications to processes and procedures are evaluated. This can be a very difficult process if the incident that is being recovered from had a particularly large impact.

References

University of Arkansas: Computing ServicesDisaster Recovery Plan. (1998). http://www.uark.edu/staff/drp/ Computer Security Incident Response. (n.d.). http://www.csirt.org/ Federal Emergency Management Agency. (1993). http://www.fema.gov/library/viewRecord.do?id=1689 Global Information Assurance Certification. (2002). http://www.giac.org/paper/gsec/3147/computer-incident-response-team-charter/105241

Disaster Recovery Plan

Disaster Recovery Plan

As you begin to prepare this assessment, you are encouraged to complete the Disaster Preparedness and Management activity. The information gained from completing this activity will help you succeed with the assessment as you think through key issues in disaster preparedness and management in the
or workplace. Completing activities is also a way to demonstrate engagement.
Professional Context
Nurses perform a variety of roles and their responsibilities as health care providers extend to the community. The decisions we make daily and in times of crisis often involve the balancing of human rights with medical necessities, equitable access to services, legal and ethical mandates, and financial constraints. In the event of a major accident or natural disaster, many issues can complicate decisions concerning the needs of an individual or group, including understanding and upholding rights and desires, mediating conflict, and applying established ethical and legal standards of nursing care. As a nurse, you must be knowledgeable about disaster preparedness and recovery to safeguard those in your care. As an advocate, you are also accountable for promoting equitable services and quality care for the diverse community.
Nurses work alongside first responders, other professionals, volunteers, and the health department to safeguard the community. Some concerns during a disaster and recovery period include the possibility of death and infectious disease due to debris and/or contamination of the water, air, food supply, or environment. Various degrees of injury may also occur during disasters, terrorism, and violent conflicts.
To maximize survival, first responders must use a triage system to assign victims according to the severity of their condition/prognosis in order to allocate equitable resources and provide treatment. During infectious disease outbreaks, triage does not take the place of routine clinical triage.
Trace-mapping becomes an important step to interrupting the spread of all infectious diseases to prevent or curtail morbidity and mortality in the community. A vital step in trace-mapping is the identification of the infectious individual or group and isolating or quarantining them. During the tracemapping process, these individuals are interviewed to identify those who have had close contact with them. Contacts are notified of their potential exposure, testing referrals become paramount, and individuals are connected with appropriate services they might need during the self-quarantine period (CDC, 2020).
An example of such disaster is the COVID-19 pandemic of 2020. People who had contact with someone who were in contact with the COVID-19 virus were encouraged to stay home and maintain social distance (at least 6 feet) from others until 14 days after their last exposure to a person with COVID-19.
Contacts were required to monitor themselves by checking their temperature twice daily and watching for symptoms of COVID-19 (CDC, 2020). Local, state, and health department guidelines were essential in establishing the recovery phase. Triage Standard Operating Procedure (SOP) in the case of COVID-19 focused on inpatient and outpatient health care facilities that would be receiving, or preparing to receive, suspected, or confirmed COVID- 19 victims.
Controlling droplet transmission through hand washing, social distancing, self-quarantine, PPE, installing barriers, education, and standardized triage algorithm/questionnaires became essential to the triage system (CDC, 2020; WHO, 2020).
This assessment provides an opportunity for you to apply the concepts of emergency preparedness, public health assessment, triage, management, and surveillance after a disaster. You will also focus on evacuation, extended displacement periods, and contact tracing based on the disaster scenario provided.
Demonstration of Proficiency
By successfully completing this assessment, you will demonstrate your proficiency in the following course competencies and assessment criteria:
Competency 1: Analyze health risks and health care needs among distinct populations.
Describe the determinants of health and the cultural, social, and economic barriers that impact safety, health, and disaster recovery efforts in a community.
Competency 2: Propose health promotion strategies to improve the health of populations.
Present specific, evidence-based strategies to overcome communication barriers and enhance interprofessional collaboration to improve disaster recovery efforts.
Competency 3: Evaluate health policies, based on their ability to achieve desired outcomes.
Explain how health and governmental policy affect disaster recovery efforts.
Competency 4: Integrate principles of social justice in community health interventions.
Explain how a proposed disaster recovery plan will lessen health disparities and improve access to community services.
Competency 5: Apply professional, scholarly communication strategies to lead health promotion and improve population health.
Organize content with clear purpose/goals and with relevant and evidence-based sources (published within 5 years).
Slides are easy to read and error free. Detailed audio and speaker notes are provided. Audio is clear, organized, and professionally presented.
Note: Complete the assessments in this course in the order in which they are presented.

Preparation
When disaster strikes, community members must be protected. A comprehensive recovery plan, guided by the MAP-IT (Mobilize, Assess, Plan, Implement,
Track) framework, is essential to help ensure everyone’s safety. The unique needs of residents must be assessed to lessen health disparities and improve access to equitable services after a disaster. Recovery efforts depend on the appropriateness of the plan, the extent to which key stakeholders have been prepared, the quality of the trace-mapping, and the allocation of available resources. In a time of cost containment, when personnel and resources may be limited, the needs of residents must be weighed carefully against available resources.
In this assessment, you are a community task force member responsible for developing a disaster recovery plan for the Vila Health community using MAP-IT and trace-mapping, which you will present to city officials and the disaster relief team.
To prepare for the assessment, complete the Vila Health: Disaster Recovery Scenario simulation.
In addition, you are encouraged to complete the Disaster Preparedness and Management activity. The information gained from completing this activity will help you succeed with the assessment as you think through key issues in disaster preparedness and management in the community or workplace.
Completing activities is also a way to demonstrate engagement.
Begin thinking about:
Community needs.
Resources, personnel, budget, and community makeup.
People accountable for implementation of the disaster recovery plan.
Healthy People 2020 goals and 2030 objectives.
A timeline for the recovery effort.
You may also wish to:
Review the MAP-IT (Mobilize, Assess, Plan, Implement, Track) framework, which you will use to guide the development of your plan:
Mobilize collaborative partners.
Assess community needs.
Plan to lessen health disparities and improve access to services.
Implement a plan to reach Healthy People 2020 goals or 2030 objectives.
Track community progress.
Review the assessment instructions and scoring guide to ensure that you understand the work you will be asked to complete.
Note: Remember that you can submit all, or a portion of, your draft recovery plan to Smarthinking Tutoring for feedback, before you submit the final version for this assessment. If you plan on using this free service, be mindful of the turnaround time of 24-48 hours for receiving feedback.
Note: If you require the use of assistive technology or alternative communication methods to participate in this activity,
Instructions
Every 10 years, The U.S. Department of Health and Human Services and the Office of Disease Prevention and Health Promotion release information on health indicators, public health issues, and current trends. At the end of 2020, Healthy People 2030 was released to provide information for the next 10 years.
Healthy People 2030 provides the most updated content when it comes to prioritizing public health issues; however, there are historical contents that offer a better understanding of some topics. Disaster preparedness is addressed in Healthy People 2030, but a more robust understanding of MAP-IT, triage, and recovery efforts is found in Healthy People 2020. For this reason, you will find references to both Healthy People 2020 and Healthy People 2030 in this
course.
Complete the following:
Develop a disaster recovery plan for the Vila Health community that will lessen health disparities and improve access to services after a disaster. Refer back to the Vila Health: Disaster Recovery Scenario to understand the Vila Health community.
Assess community needs.
Consider resources, personnel, budget, and community makeup.
Identify the people accountable for implementation of the plan and describe their roles.
Focus on specific Healthy People 2020 goals and 2030 objectives.
Include a timeline for the recovery effort.
Apply the MAP-IT (Mobilize, Assess, Plan, Implement, Track) framework to guide the development of your plan:
Mobilize collaborative partners.
Assess community needs.
Use the demographic data and specifics related to the disaster to identify the needs of the community and develop a recovery plan. Consider physical,
emotional, cultural, and financial needs of the entire community.
Include in your plan the equitable allocation of services for the diverse community.
Apply the triage classification to provide a rationale for those who may have been injured during the train derailment. Provide support for your position.
Include in your plan contact tracing of the homeless, disabled, displaced community members, migrant workers, and those who have hearing impairment or
English as a second language in the event of severe tornadoes.
Plan to lessen health disparities and improve access to services.
Implement a plan to reach Healthy People 2020 goals and 2030 objectives.
Track and trace-map community progress.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply