Disaster Recovery and Business Continuity: A Quick Guide for Small Organizations and Busy Executives Second Edition

Table of contents

1. Copyright
2. Foreword
3. Preface
4. 1. Introduction to Disaster Recovery and Business Continuity
   1. Who should read this book?
   2. What is a disaster?
   3. What is disaster recovery?
   4. What is business continuity?
   5. What is crisis management?
   6. Why are DR and BC important?
   7. Who are the real owners of DR, BC and CM?
   8. What is the cost of a disaster?
   9. Who are the right persons to manage DR and BC work?
      1. Skill 1: Nature of a coward
      2. Skill 2: Leave no important task unfinished.
   10. What is a DR or BC site?
   11. What is a command centre?
   12. Where should a DR or BC site be located?
   13. Can organizations handle DR and BC all by themselves?
   14. What about DR and BC assistance from external consultants?
   15. What kinds of disaster should an organization be aware of?
   16. What is a technical risk?
   17. What are some of the most common technical risks?
   18. What are some of the most common non-technical risks?
   19. What is a business impact analysis (BIA)?
   20. Who can invoke business continuity?
   21. What are the options available for business continuity?
   22. What is a DR or BC exercise?
   23. What are the biggest roadblocks for disaster recovery or business continuity?
   24. How much money is required to establish a proper disaster recovery facility?
   25. Some do’s and don’ts
   26. Are there any international qualifications for disaster recovery and business continuity?
   27. Is there any training available for disaster recovery, business continuity, etc?
   28. Are there any international standards for business continuity planning?
5. 2. Data Disasters
   1. What is data?
   2. What is meant by risk to data?
   3. Why and how do companies lose data?
   4. How should organizations store data safely?
   5. What are some of the most common storage and backup options?
   6. What is meant by recovery time objective (RTO) and recovery point objective (RPO)?
   7. What does ‘Internet backup’ mean?
   8. What is a ‘geocluster’?
   9. How often should backups be taken, and what should be backed up?
   10. How can one decide what data needs to be backed-up?
   11. How and where should backup tapes be stored?
   12. How often should backups be tested?
   13. Will just taking proper data backups daily ensure disaster recovery?
   14. What do you mean by ‘disk mirroring’?
   15. What are some of the high-end storage and backup solutions available today?
   16. What do you mean by ‘database replication’?
   17. What does ‘server load balancing’ mean?
   18. How can one prevent loss of IT equipment?
   19. On-site disaster prevention methods:
   20. DR and BC methods
   21. Do’s and don’ts for preventing data disasters
6. 3. Virus Disasters
   1. What is a computer virus?
   2. How can you protect your organization from viruses?
   3. What is a worm?
   4. What is a Trojan?
   5. What is a macro-virus?
   6. How can one recover after a virus attack?
   7. How does one update anti-virus on all machines?
   8. Do’s and don’ts regarding viruses
   9. What is ‘phishing’?
7. 4. Communication System Disasters
   1. What are some of the common methods of communication in organizations?
   2. What is a communication failure?
   3. What are some of the methods for preventing local area network failures?
   4. What are some methods for preventing WAN disasters?
   5. Do’s and don’ts regarding communication systems
8. 5. Software Disasters
   1. What is a software disaster?
   2. What is a mission-critical application?
   3. What are some of the software disasters that can strike an organization?
      1. Operating system-related
      2. Application-related
      3. Hardware-related
   4. What are some of the best practices for software disaster prevention?
9. 6. Data Centre Disasters
   1. What is a data centre?
   2. How should a data centre be built?
   3. What are some of the best practices to prevent disasters inside data centres?
   4. Other precautions to prevent IT disasters
10. 7. IT Staff Disasters
    1. Who do you mean by IT staff?
    2. What are the general precautions to prevent disasters relating to IT staff?
    3. What is an appropriate IT staff ratio?
    4. What are the usual reasons for IT disasters?
    5. What are some of the best practices to be followed by IT staff?
    6. What are the main benefits of using ITIL?
    7. How can change management prevent disasters?
    8. What are the other risks relating to IT staff?
11. 8. IT Vendor Disasters
    1. What is an IT vendor?
    2. What is an IT vendor-related disaster?
    3. How can organizations protect themselves against IT vendor-related disasters?
    4. How does one prevent IT-vendor support disasters?
    5. Should IT staff be outsourced?
    6. What can be outsourced?
    7. Some questions to ask vendors
    8. Is it necessary to have contracts with vendors?
    9. What are the key elements of a maintenance contract or an SLA?
12. 9. IT Project Failures
    1. What is an IT project?
    2. Why do IT projects fail?
    3. How can organizations avoid IT project failures?
13. 10. Information Security
    1. What is information security?
    2. What are the various ways in which information security can be compromised?
    3. What safeguards are available to protect information?
    4. What is hacking?
    5. How can organizations prevent hacking?
    6. What is port scanning?
14. 11. Disaster Recovery Tools
    1. Introduction
15. 12. Introduction to Non-IT Disasters
    1. What are some of the non-IT disasters that could happen to an organization?
    2. What are the usual trade or labour union problems?
    3. What is a project failure?
    4. What is a human error?
    5. What are marketing and sales blunders?
    6. What are financial disasters?
    7. What are some of the common recruitment risks?
    8. What is a natural disaster?
    9. What about health and biological threats to employees within organizations?
    10. What about electrical failures and blackouts?
    11. What precautions can organizations take to handle civil disturbances?
    12. How can organizations take precautions against terrorism?
    13. What is a travel-related risk?
    14. What about the psychological effects of a disaster on employees?
    15. What is a reputation risk?
    16. What about industrial espionage?
    17. How can organizations prevent disasters relating to paper documents?
    18. What other precautions can organizations take?
16. 13. Disaster Recovery at Home
    1. What are the main risks associated with home working?
    2. What are some of the ways to prevent disasters occurring in homes?
       1. IT-related precautions
       2. Safety-related precautions
    3. Document and data management
    4. Data backup for stand-alone systems
       1. Sample recommended solution
17. 14. Plenty of Questions
    1. The most important question
       1. How do you get commitment by top management for DR and BC planning?
    2. Questions on planning, security, etc
    3. Questions on technology
    4. Questions on health and safety
    5. Questions on financial and legal issues
    6. Questions on people
18. 15. How Do I Get Started?
    1. How does one start a DR or BC programme?
       1. Step 1: Approvals and paperwork
       2. Step 2: Identifying internal manpower
       3. Step 3: Identify external manpower
       4. Step 4: Identify an alternative site
       5. Step 5: Get equipment
       6. Step 6: Install and test equipment
       7. Step 7: Maintain the DR readiness
       8. Step 8: Get an external opinion and audit
       9. Step 9: Tell everyone
    2. How do I create an actual business continuity plan?
    3. Common types of plan
       1. Sample BC plan for a hypothetical company
    4. How do I prepare an IT contingency plan?
       1. Sample IT contingency plan for a critical server
    5. What is a mock run and how do I conduct one?
       1. Steps to conduct a mock run
    6. How often should the DR or BC plan be updated?
    7. What should a BCM/DR checklist consist of?
    8. Sample useful checklists
    9. Important vendors list
    10. Vendor selection checklist
    11. DR staff checklist
    12. Critical systems checklist
    13. Important data checklist
    14. Restore test template
    15. Communication checklist
    16. Software support checklist
    17. Important documents checklist
    18. Non-IT checklist at DR or BC site
19. 1. Sources of Further Information
    1. Websites and publications
    2. DR and BC consultants
       1. Alan Calder
       2. Philip Jan Rothstein FBCI
       3. Other consultants
20. 2. Disaster Recovery Training and Certification
    1. DRI International (www.drii.org)
    2. Business Continuity Institute (www.thebci.org)
    3. Other courses and sources
       1. IT Governance (www.itgovernance.co.uk)
       2. Sentryx Certification (www.sentryx.com)
       3. Survive! The Business Continuity Group (www.survive.com)
       4. BCM Academy (www.bcmacademy.nl)
       5. Institute for Business Continuity Training (www.ibct.com)
       6. Disaster Survival Planning Network (www.disastersurvival.com)
21. 3. Business Continuity Standards
    1. PAS56 – Guide to Business Continuity Management
    2. BS25999
       1. Highlights of BS25999
       2. Purchasing the material
22. 4. Making DR and BC Exciting
    1. Posters
    2. Videos
    3. Contests and quizzes
    4. Reward programmes
23. 5. Disaster Recovery Glossary
24. 6. ITG Resources
    1. Pocket Guides
       1. Practical Information Security Pocket Guides
       2. Practical IT Governance Pocket Guides
    2. Toolkits
    3. Newsletter