Introduction: DRP encompasses all measures taken to ensure organizational survival in the enet of a natural or manmade calamity and to minize the impact of such an event on the originzation’s staff, patients, and the community
- The objective of disaster recoevery plans is to safeguard patient care.
-
The goal of the planning process is to minimize the distrubtion of operations and ensure a measure of organizational stability and orderly recovery after a disaster.
In all organization or facilities, a formal planning method is needed to ensure quality, consistency and comprehensiveness of disaster recovery contingency plans.
DR is not a one-time, finished produce but a proce that must plans as elemements in the orginzation change
Planning process:
Risk identification: which problems might occur?
Risk analysis: what would e their impact?
Risk prioritization: which problems are the most citrical?
Risk reduction: how can I reduce the impact of the problems?
Risk management planning: how will I apply this to the project?
Risk monitoring and testing: how effective is our risk control?
Disaster Recovery Planning
DRP encompasses all measures taken to ensure organization survival in the event of a natural or manmade calamity and to minimize the impact of such an event on the organization's staff, patients, and the community.
The objective of disaster recovery plans is to safeguard patient care.
The disaster recovery plan is an extensive, inclusive statement of actions to be taken before, during and after a disaster.
The plan must be regularly tested and updated to ensure the continuity of operations and the availability of critical data and processes in the event of a disaster.
Goal of planning process is to minimize the disruption of operations and ensure a measure of organizational stability and orderly recovery after a disaster.
In all organizations or facilities, a formal planning method is needed to ensure quality, contingency and comprehensiveness of disaster recovery contingency plans.
DRP is not a one-time, finished product but a process that must continually be used to update the contingency plans as elements in the organization change.
Planning Process:
Risk identification
Human threats;
1. is unauthorized access possible to either the physical site or information systems?
2. What safeguards are in place related to bomb threats, extortion, burglary, work stoppage, termination or resignation, or computer crime?
3. Sabotage is the major threat to any systems.
Risk Analysis
Records: consider the value of the records, both paper and electronic, that needs to be protected.
How much did it cost to create that record in the first place? What would it cost to recreate it now?
Does the information protect the rights of individuals, research, or the business interests of three agencies?
Is the information complete, or would other documents be necessary if action had to be taken.
How available is it? If the information could be obtained from another course without too much delay, its value is reduced.
Risk analysis
recreating the information:
calculate the cost of gathering the information from scratch, and then the cost of producing and reproducing it.
Reproducing only:
calculate the cost of duplicating your essential records now for off-site storage, or the cost of reproducing your off-side records for use after a disaster. The most visible from of information is paper, closely followed by magnetic and file records.
It would cost much less to duplicate now then to recreate later after the information has been destoryed.
Risk Prioritizing
Risk prioritization is all about determining "risk exposure".
The components of 'unsatisfactory outcome' may be cost, schedule, performance, and support.
Determining risk exposure provides the disaster planning project manager with a prioritized list of risks.
Risk reduction:
procedural presentation:
The goal of procedural prevention is to define acidifies necessary to prevent various disasters and ensure that these activities are performed as required.
Includes activities relating to security and recovery, performed on a day-to-day, month-to-month, or annual basis.
Examples include maintaining up-to-date backup copies of all computer files; annual verification of User IDs and passwords, maintaining a system for storing backup copies in place discrete from the course computer; and scheduling inspections and testing of smoke detectors, sprinkler systems, and fire extinguishers.
Disaster recovery plan
security: will the room/ vault/ cabinet be closed in an emergency? how can we secure documents if they have been retrieved?
Access: how can we arrange access to a cordoned off building? Who would be assigned to retrieve the materials?
Identification: if you were allowed to retrieve only one box of material, how would you identify the most urgent or critical one?
Restoration: if your documents are charred or soaked, do you know how to restore them?
Plan testing and maintain:
the contingency plan must be audited and tested on a regular basis to know that proposed processes serve the purpose of protecting the data and processes of the organization should a real disaster occur.
Most disaster recovery plans require a complete review of all procedures every 5 years tat focuses on refining the requirements, exploiting new technology, and using a fresh approach to consider new solutions to old problems.
With regular testing and an annual audit, the plan should be effective in processing critical data after a catastrophe occurs.
No comments:
Post a Comment