Feed
Description

Disaster Recovery Template Sarbanes Oxley

Sarbanes Oxley Compliance Tool Kit

Information Technology Service Management ITSM - Change Control, Help Desk, and Service Request

Security Template Sarbanes Oxley

Sensitive Information Policy Personal Data Security

RSS News Feeds

- Janco

- IT Productivity Center

ejobdescription -

- psrinc

- IT-Toolkits

IT Job Descriptions and Salary Data Latest News

November 20th, 2008 - 03:01 PM

How the credit crunch has impacted the Disaster Planning and Business Continuity Process in Enterprises

In a survey of our JancoÂ’s clients 67 percent said that the financial crisis and the credit crunch has had an impact on business continuity planning in their organizations. Over one third of our clients reported that it had had a negative impact.

Medium sized organizations reported the most impact on business continuity activities, with over forty percent reporting a negative impact. While only one third of large organizations reported a negative impact and one fifth of small organizations did.

Large organizations were most likely to state that the global financial crisis and the credit crunch had had a positive impact on business continuity activities.

Regional differences were quite striking, those located in the United States were the most badly impacted and Western Europe-based organizations apparently being least affected, closely followed by UK organizations.

The following shows the percentage of regional respondents who said that the global financial crisis and the credit crunch was having a negative impact on business continuity planning in their organization:

United States: 52 percent
Western Europe: 28 percent
United Kingdom: 35 percent
South East Asia: 47 percent
Canada: 48 percent
Pacific (Including Australia): 49 percent

November 11th, 2008 - 12:16 PM

Disaster Recovery Planning
Every business and organization can experience a serious incident which can prevent it from continuing normal operations. This this can happen any day at any time. The potential causes are many and varied: flood, explosion, computer malfunction, accident, grievious act... the list is endless. The Disaster Recovery Planning Template is designed to help you plan for these scenarios. They will help you reduce both the risk and impact should the worst occur. The Disaster Recovery Planning Template is intended to be a launch pad for those seeking help with the business continuity planning process. It offers information, guidance, tips, and links to a range of resources.

Creating a disaster recovery plan is considerably simplified by use of this template. Using detailed questionnaires and checklists, this MS-Word toolkit will help you create and review both your contingency practices and recovery arrangements.

October 23rd, 2008 - 07:05 AM

After Disaster Recovery and Business Continuity Plan Completed Testing is Critical

Once your Disaster Recovery Business Continuity Plan (see Disaster Recovery Plan Template Business Continuity - http://www.e-janco.com/DisasterPlanning.htm) is set, test it at least semi-annually. The enterprise will need to perform a component-level restoration of your largest databases to get a realistic assessment of your recovery procedure, but a periodic walk-through of the procedure with the recovery team will assure that everyone knows their roles. Test the systems you are going to use in recovery regularly to validate that all the pieces work. Always record your test results and update the Disaster Recovery Business Continuity Plan to address any shortcomings.

As your business environment changes, so should the Disaster Recovery Business Continuity Plan. Reexamine the plan every year on a high level. Conduct a risk assessment annually and determine if you still need every part of the plan? Do you need to add to it? Will the budget need to be adjusted to accommodate changes to the plan? As applications, hardware, and software are added to your network, they must be brought into the plan. New employees must be trained on recovery procedures. New threats to business seem to pop up every week and a sound DRP takes all of them into account.

October 22nd, 2008 - 07:06 AM

IRS Systems Lack DRP and Security

An audit report of IRS systems states that the IRS fails to implement systems with adequate security built in. Since 1997, the IRS has designated computer security as a material weakness. The IRS continues to struggle with addressing security vulnerabilities on its modernized systems. Until security control vulnerabilities are corrected, the IRS is jeopardizing the confidentiality, integrity, and availability of the massive volume of taxpayer data processed and stored by the IRS.

The IRS deployed two new systems with known security vulnerabilities relating to the protection of sensitive data, system access, monitoring of system access, and disaster recovery. These vulnerabilities increase the risks that

An unscrupulous person, with little chance of detection, could gain unauthorized access to the vast amount of taxpayer information the IRS processes, and
The systems could not be recovered effectively and efficiently during an emergency.

The IRS' processes for ensuring that security controls are implemented before systems are deployed failed because the IRS did not consider the known security vulnerabilities to be significant, which affected vulnerability resolution and system deployment decisions.

The Customer Service Executive Steering Committee, which had final milestone approval;

Did not provide sufficient oversight to ensure that security controls were implemented, and
Signed off project milestones despite the existence of weaknesses repeatedly reported to the Committee.

In addition the IRS' accepted major risks for these security vulnerabilities, including the inabilities to successfully recover the systems and their data in the event of a disaster and to detect malicious security events and unauthorized accesses to taxpayer data.

To see the report go to (http://www.treas.gov/tigta/auditreports/2008reports/200820163fr.pdf).

October 3rd, 2008 - 10:48 AM

Disaster Rcovery / Business Continuity is the International Standard
Disaster Recovery Business Continuity Template in WORD 2003 and WORD 2007 (Office 2003 and Office 2007) Formats

Park City, UT The Disaster Recovery Business Continuity template has been sold to enterprise in over 65 countries around the globe. With the release a of version 4.4 of the template it is in complete compliance with Sarbanes-Oxley, HIPAA, ITIL (Ver 3), ISO 17799, and PCI DSS.

M V Janulaitis the CEO of Janco said, "Our DRP /BCP Template has been accepted by enterprise around the globe as the standard for disaster recovery plan and business continuity plan creation." In response to that need Janco has updated its "Disaster Recovery / Business Continuity Template" by increasing the content of the template as well as updating the entire document to be compliant with Sarbanes-Oxley, HIPAA, ITIL (Ver. 3), ISO 17799, and PCI DSS.

The Disaster Recovery Business Continuity Plan has been purchased for use in over 65 countries around the globe including:

Angola
Australia
Austria
Bahamas
Barbados
Belgium
Belize
Bermuda
Brazil
Bulgaria
Canada
Cayman Islands
Columbia
Croatia
Czech Republic
Denmark
Egypt

Finland
France
Germany
Greece
Honduras
Hungary
Iceland
India
Indonesia
Israel
Italy
Jamaica
Japan
Jordan
Kenya
Lebanon
Lithuania

Macao
Malta
Mexico
Mozambique
Namibia
Netherlands
New Zealand
Nigeria
Norway
Panama
Philippines
Poland
Portugal
Puerto Rico
Qatar
Republic of Ireland
Romania

Russia
Saudi Arabia
Singapore
South Africa
South Korea
Spain
Sri Lanka
Swaziland
Switzerland
Taiwan
Thailand
Trinidad & Tobago
Uganda
United Kingdom
United States
Venezuela
Zambia

The Disaster Recovery Business Continuity Plan has been purchased for use in government, public, and private enterprises in almost all industries including:

Federal Government
State Governments
Local Governments
Law Firms
Think Tanks
Chemical
Telecommunication
Real Estate
Manufacturing

Universities
School Districts
Consulting Firms
Banks
Financial Service
Investment Banks
Credit Unions
Outsourcers
Property Mgt

Heavy Industry
Light Industry
Distribution
Retail
Hospitality
Energy
Insurance
Medical
ISPs

Application Development
Construction
Graphics
Entertainment
Paper Products
Defense
Aerospace
Media

October 3rd, 2008 - 10:47 AM

Safeguarding Portable Media
Sarbanes-Oxley and HIPAA may not regulate the removal of information from corporate domains. But a growing number of states are passing data breach notification laws. As more and more corporate information gets loaded onto removable devices such as MP3 players, iPods, and even cell phones, should companies take measures to restrict the removal of such data? One solution is to mandate encryption of data loaded onto mobile devices.

November 2nd, 2007 - 10:38 AM

New Disaster Recovery Audit Program Released

The Disaster Recovery / Business Continuity Audit program identifies control objectives that are meet by the audit program.

There are 36 specific items that the audit covers in the 11 page audit program. Included are references to specific Janco products that directly address the areas the audit covers.

This program can be used as standalone audit program or in concert with the following Janco offerings:

Disaster Recovery / Business Continuity Template

Security Manual Template

Security Audit Program Template

Business and IT Impact Questionnaire

IT Service Management for Service Oriented Architecture

Metrics for the Internet and Information Technology

October 23rd, 2007 - 10:30 AM

Centralized Back-up for DRP is an Issue

The need to be close to customers, manufacturing facilities and specialized labor have required organizations to extend the traditional concept of headquarters to offices and factories hundreds or even thousands of miles away. However, along with the opportunities that come with workforce globalization, come the realities of dealing with data that sprawls across the organization. Whether the data is at the Munich branch or at HQ in New York, it is equally susceptible to loss, requiring that data recovery and security plans apply to all parts of the organization, regardless of location.

To protect company data and ensure its availability to users, IT organizations have been conflicted between two backup approaches. The first approach, local tape backup, requires that tape libraries be present wherever there are servers in racks. Local area network (LAN) access to the servers gives administrators fast data backup and recovery.

The newer approach, centralized backup, puts high-density tape libraries in one location to which data from servers around the world is backed up. While centralized backup requires less hardware, reduces administration time, and solves the security problem associated with loose tape media, it can introduce greater bandwidth consumption and longer backup/restore windows. Because of these issues, centralized backup has been a leap some managers have not been willing to make.

October 13th, 2007 - 11:58 AM

Back-up e-mail system should be part of your DRP

Enterprise are now realizing that separate archiving processes for disaster recovery and for general archiving that is need for enterprise compliance to Sarbanes Oxley and operation needs are wasteful and unnecessary. The Janco Disaster Recovery Plan and Security Manual Template show their clients how to do this cost effectively. The templates begin with an assessment of what is done and maps that to what needs to be done.

In addition a backup e-mail system in needed. The system should be with a managed service provider who hosts the servers offsite out of the client's immediate geography. Archiving and disaster recovery are both extremely complex, combining the two so that there is one set of systems, policies and data decreases cost and management complexity.

October 3rd, 2007 - 01:27 PM

Explosive Growth is a Challenge Faced by Disaster Recovery Planning Processes

Enterprises of all sizes today are facing the ever-increasing challenge of managing the explosive growth of valuable data. As the predominant form of communication for business transactions, email is an application that is mission critical to organizations of all sizes. It generates a huge amount of information that must be immediately available and protected. The loss of a single message may generate hours of unnecessary and frustrating labor for administrators and can lower productivity or even hinder progress within organizations.

Email applications have become key communication tools for businesses of all sizes. Today, email is the most common and vital form of communication, often replacing the phone as the preferred mechanism for exchanging information in the business world. It is a more efficient and cost-effective way of disseminating information of all types (text, image, video, and even voice) to fellow employees and between companies located anywhere in the world. In fact, as companies consider their messaging servers to be mission critical, these are among the first servers to be recovered after a disaster, sometimes even before phone systems.

September 25th, 2007 - 03:28 PM

Cell Phones Key to Disaster Recovery Plan
The first hours after a natural disaster are a crucial period for the any enterprises efforts to implement the plan. Even when phone and power service is unavailable, the organization's field staff stays connected to vital information with their cell phones and smartphones. They use the cellular network to send and receive emails and instant messages, keep their calendars and contacts up-to-date, review documents, and place and accept phone calls.

September 21st, 2007 - 09:39 AM

Server consolidation increases complexity and adds risk to Disaster Planning

Disaster plan need to take into account mainframes, blade servers, consolidated file servers as well as distributed file servers. The problem is more complex as enterprises slowly move away from IT and Business alignment towards IT and Business convergence. For example, Server consolidation in recent years has proven to be a successful technique to optimize IT costs and efficiency, while increasing business uptime.

This has raised the level of complexity and risk associated with DRP and business continuity plans. For example, in 2004 alone, over 65 percent of all IT organizations implemented or planned to implement server consolidation. Today, with the advent of blade server architectures, virtual server technology, and storage deployment methods such as clustering and virtualization, the expansion of the already proven benefits of consolidation are accelerating. Appropriately Disaster Recovery and Business Continuity need to be updated.

September 7th, 2007 - 05:55 PM

No Good Deed Goes Unpunished

(Computerworld) -- In December 2005, a thief broke into Steven Shields car at his Oregon home and walked off with computer disks and tapes containing unencrypted personal information on 365,000 patients at the Portland Providence Health Systems.

Keaney noted that the lawsuit is being filed under the Oregon whistle-blower law, which makes it illegal for a company to fire an individual for making a report to law enforcement authorities. According to Keaney, Shields was just doing the job he was asked to do when he transported the Providence patient data tapes to his home as part of the organization backup protocol.

The breach was the largest of its kind in Oregon history and resulted in a class-action lawsuit against the health care provider and a nine-month-long investigation by the state attorney general. That probe ended with a $95,000 settlement paid out by Providence Health.

Now, in a new twist in the case, Shields -- a former IT worker for the health care agency -- has filed a wrongful termination lawsuit against Providence Health, claiming he was fired in February 2006 simply because he reported the theft to local law enforcement officials.

The lawsuit, filed at the Multnomah County Circuit Court on Aug. 28, seeks $1 million in damages for lost wages and what Shields' attorney said was the emotional distress caused by the firing. In addition to anxiety, depression and humiliation, the firing also caused anger, lost sleep and skin disorders, the lawsuit said.

The theft occurred on Dec. 30 or 31, 2005. Providence Health did not start notifying affected individuals until the end of January in 2006. Shields was fired the next month.

August 28th, 2007 - 01:34 PM

Wide Area Network Back-up Strategy Defined

The Janco DR / BC Plan addresses all of the back-up issues faced by enterprises today. Included are wide area network-based approaches to data backup are naturally limited by the performance of the WAN. Bandwidth limitations and network latency can make backup take much longer than desired. For large remote offices with significant datastores, this can make WAN-based backup impossible without significant costly WAN bandwidth upgrades.

By overcoming bandwidth limitations and optimizing transfers to overcome network latency, network based appliances have successfully enabled and facilitated network-based backup approaches in the most demanding customer environments. Network Based applicance technology dramatically optimizes common network-based approaches for backing up large amounts of data in your distributed enterprise:

Centralized backup and recovery of servers and desktop machines in remote offices
Replication of centralized data repositories between data centers

Click here to download a copy of the table of contents and selected pages of the DR / BC template.

August 28th, 2007 - 01:29 PM

Back-up Strategy Centralized versus Local

Local versus Centralized Back-up - Which is Best?

Disaster Recovery Back-up Alternatives	Advantage	Disadvantage
Local Back-up	- Back-up quicker - Minimal bandwidth usage - Quicker restore in minor recovery situation	- More hardware required - More staff required - Security risks increased - Riskier restore in a major recovery situation.
Central Back-up	- Hardware requirement less - Less staff required - Less training - Quicker restore in a major recovery situation. - Security risks lower	- More bandwidth required - Back-up takes longer to complete - Restore takes longer in minor recovery situation
Coordinated Local and Central Back-up	- Recovery time eased - Enterprise risks reduced - Easier to coordinate DRP and Business Continuity Plans	- More hardware required - More staff required - More training required - More bandwidth required

August 16th, 2007 - 11:24 AM

Communications After a Disaster are Critical

Without an effective plan in place, disruptions to business operations or government services can cause substantial financial loss, unnecessary personal or property damage, while seriously impacting communities. Business continuity planning (BCP) and organizational procedures for continuity of operations (COOP) can be strengthened and enhanced by means of a proven wireless solutions.

Preparing effectively for catastrophic events, power outages, weather-related incidents, and similar threats requires forward-looking procedures, a responsive communication network, and a framework of supporting technology.

Developing and implementing an effective mobile BCP strategy includes establishing best practices to make sure the solution is:

Architected to minimize potential revenue loss and brand damage;
Reliable and easy to use;
Secure and confidential;
Capable of communicating promptly to stakeholders during crisis;
Engineered for efficient usage of battery, processing, and network resources;
Designed to protect employees and other corporate assets; and
Compliant with regulatory mandates and reporting requirements.

August 9th, 2007 - 10:23 AM

Distaster Recovery is more of a challenge today

With expectations for system availability continually increasing and more businesses relying on 24 x 7 mission-critical applications, disaster recovery planning has risen to the forefront of IT's priorities. But complexities and costs associated with implementing a comprehensive data protection strategy often keep the vision from becoming reality, whether due to time, bandwidth and budget restraints.

The DRP / BC is the one answer that we can all agree on. It is current, meets all mandated needs like Sarbanes-Oxley, and is compliant to ITIL.

August 1st, 2007 - 03:00 PM

DRP Can Be A Risk Due To Hardware Upgrades
(Computerworld UK) -- Intelligent Finance, the online and telephone bank owned by HBOS PLC, suffered extensive online downtime on Sunday and Monday after a routine hardware upgrade ran into problems.

The downtime left customers unable to access their accounts or use any other part of the site for much of Sunday and Monday. The Web site was down from midnight on Sunday morning until 5:30 p.m. that day, and from 9:45 a.m. on Monday until 5:20 a.m. on Tuesday morning -- 37 hours in total, spread over three days.

Problems arose when the bank was performing a hardware upgrade that included the addition of new servers, according to an IF spokeswoman.

She said Sunday's upgrades were long planned and that the day had been chosen because traffic on the site was generally "not as intense."

But the work carried out on Sunday did not go to plan and affected customers attempting to use the service on Monday morning, with pages not loading properly. The system was taken offline again on Monday afternoon so the upgrade could be reinstalled.

It is not the first time the bank's Web site has been knocked out. In late 2002, some customers complained of being offline for up to five days.

IF defended its record of customer service. "Like any business, we have to upgrade," said a spokeswoman. "As a Telenet bank, we are lucky that customers were able to deal with us on the phone too."

Systems downtime remains a big problem among U.K. businesses, whether the customer-facing parts are affected or not. According to a recent poll, more than 80% of CIOs, IT directors and IT managers in large and medium-size businesses worldwide saw business continuity as a priority for increased spending this year.

And Google Inc. suffered its own high-profile downtime over the weekend when its Analytics service went down between Saturday and Monday.

July 27th, 2007 - 03:48 PM

Disaster Plan Template Released by Janco

DRP Template Version 4.3 Released

The Disaster Recovery / Business Continuity Template version 4.3 has just been released. Janco contiues to update its templates to meet the ever changing requirements of the business environment.

With this new version a fully indexed PDF copy of the template is now provided in addition to the two versions of WORD (2003 and 2007). The updates to the template included:

1. Defined generic metrics for DR/BC success

2. Business & IT Impact Analysis Questionnaire Updated

3. Updated references to DRP card

4. Updated formatting to meet WORD 2007 requirements

The version history for updates to template can be seen at http://www.e-janco.com/drpversion.htm and the full Table of Contents with sample pages can be downloaded at http://www.e-janco.com/Register_drp.asp .

March 29th, 2007 - 09:46 AM

Florida State Computers Fail - State is Down

A massive air-conditioning failure at a state office complex in Tallahassee shut down government computer traffic statewide and forced emergency managers to begin studying backup plans.

Rising temperatures posed an immediate threat to a $30 million state computer system in the Shared Resource Center, a highly secure, windowless brick complex that serves as the electronic nerve center for much of state government.

Computer traffic from 84 agencies and local governments, including some non-profit groups, flows through it daily.

Temperatures in a 9,276-square-foot room filled with 1,200 computer servers hovered at 90-degrees earlier today. Technicians like to keep the room chilled to 68 degrees and expect the equipment to start failing at 95 degrees.

IT Salary Survey

IT Hiring IT Job Descriptions IT Salary Survey

Metrics Internet IT

IT Business Strategic Alignment

Other News Links

CTO Toolkits.com
e-janco.com
IT Productivity.org
IT-Toolkits.com
ejobdescription.com
psrinc.com
psrorders.com
newsgroupworld.com
ntcity.com
disaster-planning-template.com
disaster-recovey-planning.org
disaster-recovery-planning.com
disaster-recovey-planning-template.com

© 1999 - 2008 Janco Associates, Inc. - ALL RIGHTS RESERVED -- Revised: 09/17/08.