Facebook Follow



XLM News Janco News Feed

Reddit  Del.icio.us  Stumble Upon  Facebook  
Disaster Recovery Security
Cloud DRP Security
Incident Communication Policy
Security Audit Program

DRP/BCP Tutorial
Disaster Recovery Defined
DRP BCP Basics
ISO 27031
Types of Disasters
Why Plans Fail
10 Commandments of DR & BC Planning
Cloud Backup
Disaster Preperation
Pandemic
Risk Assessment Process
Interruption
Life Cycle
Best Practices
Compliance Requirements
Media
Communication
Facility Loss
Remote Sites
Clean up - How To
What to do after an explosion, terrorist attack, or random act of violence
Disaster Recovery and Business Continuity
Metrics
Funding
Funding Request Presentation
Maximum Tolerable Period of Disruption
Disaster Recovery Guide
Common Mistakes
Why Disaster Recovery Business Continuity is not complete and or inaccurate
Weather

 

 Sample Outsourcing PolicyOutsourcing Policy

The outsourcing policy is twenty (20) pages in length and defines everything that is needed for a function, department, or area to be outsourced. 

The policy comes as a Microsoft Word document (Word 2003 & Word 2007) that can be modified as needed.  The template has been updated to include an ISO 27001 audit program definition. The policy template includes:

  • Outsourcing Management Standard
    • Service Level Agreement
    • Responsibility
  • Outsourcing Policy
    • Policy Statement
    • Goal
  • Approval Standard
    • Base Case
    • Responsibilities

Note: Look at the Practical Guide for Outsourcing over 110 page template for a more extensive process for outsourcing which includes a sample contract with a sample service level agreement

Sample Outsourcing PolicySample Outsourcing Policy

 

 

Other Policies

All of the policies that are provided here are contained within one or more of the templates that are on this site. These policies have been added as individual documents in WORD format for those clients who just need this particular policy.  All policies are Sarbanes-Oxley compliant.

The policies have just been updated to comply with all mandated requirements and include electronic forms that can be Emailed, filled out completely on the computer, routed and stored electronically -- a total solution.

 

 

Outsourcing Policies and Procedures News

DRP versus BCP

May 17th, 2012

Disaster recovery planning is one of the most important jobs of the IT professional. It includes working with upper management and winning the cooperation of all departments to make a working recovery plan. The two main parts are the Business Continuity Plan (BCP) and the Disaster Recovery Plan (DRP). These have to go hand-in-hand procedurally. The BCP focuses more on the schedule and timing of the DRP, so that in the event of a disaster the business can function normally. The three stages of a DRP are Prevent, Detect and Correct.

 Order Disaster Plan TemplateDisaster Plan Sample

A disaster recovery is a response to a declared disaster or a regional disaster. It is the restoration or recovery of an entire agent computer. A disaster recovery plan describes how an organization is to deal with potential disasters.  

 
- more info

Disaster Recovery budgets remain stable

April 29th, 2012

A report into business continuity and disaster recovery budgets finds:

  • According to a IT Business Continuity Templatebudget survey, 32 percent of enterprises had planned to increase spending on business continuity and disaster recovery by at least 5 percent in 2011. The reality is that budgets have stayed constant rather than increased as anticipated.
  • Business continuity and disaster recovery budgets in 2011 have been an average of six percent of IT operating and capital budgets.
  • The likely culprit in stalled business continuity and disaster recovery spending is the continuing economic uncertainty. Even in the best of economic times, it's difficult to build the business case for an initiative such as business continuity that's primarily about cost avoidance rather than return on investment. In tough economic times, it's almost impossible.

 Order Disaster Plan TemplateDisaster Plan Sample

- more info

Business Continuity Planning

April 13th, 2012

Horizon scanning is essential to avoid surprises in business continuity planning, but identifying the most likely thing to bite you next is tricky.

Order Disaster Plan TemplateDisaster Plan Sample

Looking beyond the imminent plannin risks contained in in every day events the top 3 worries are:

  • Supply Chain - Will an economic or political crisis mean disruption to this as a result of protest and civil unrest or even secession from monetary union?
  • Severe weather - Most enterprises are geared up for "average" weather. As we see extremes of drought, cold and storm will the strain on the infrastructure become a major cause of business interruptions?
  • Social Media - Increasingly organizations believe that these are essential to their businesses, yet they are provided externally, funded through advertising and beyond the control of the organization. How can we provide resilience/continuity for these? Should we?
- more info

Social media a disaster planning tools

April 2nd, 2012

Government agencies are turning to social media technology to manage disasters and improve public safety.

CIO policy bundleA growing number of agencies are tapping into Facebook and Twitter to monitor events and provide near real-time notifications. And some are now taking social media a step further by communicating internally or sharing information and comments across offices or agencies.

A September Congressional Research Service report, Social Media and Disasters: Current Uses, Future Options, and Policy Considerations, noted that social media already plays an important role in disasters, but the use of the technology for emergency management is growing.

In Fort Worth and Tarrant County in Texas, for instance, a joint emergency operations center has switched on social media tools that improve communication across dozens of agencies and departments throughout the state. Police, firefighters, healthcare providers and others use push-to-talk radio, cellular telephony, and text messaging (including text documents and file sharing) to interact with an IP telephony infrastructure located in a response center. This allows teams to coordinate immediate responses, regardless of the underlying communications technology.

Order

- more info

Disaster Recovery Business Continuity Basics

March 1st, 2012

The basics of a Disaster Recovery Business Continuity Plan are defined in the Janco Disaster Recovery Business Continuity Template. They are:

  • Develop the contingency planning policy statement. A formal department or agency policy provides the authority and guidance necessary to develop an effective contingency plan.
  • Conduct the business impact analysis (BIA). The BIA helps to identify and prioritize critical IT systems and components.
  • Identify preventive controls. Measures taken to reduce the effects of system disruptions can increase system availability and reduce contingency life cycle costs.
  • Develop recovery strategies. Thorough recovery strategies ensure that the system may be recovered quickly and effectively following a disruption.
  • Develop an IT contingency plan. The contingency plan should contain detailed guidance and procedures for restoring a damaged system.
  • Plan testing and training exercises. Testing the plan identifies planning gaps, whereas training prepares recovery personnel for plan activation; both activities improve plan effectiveness and overall agency preparedness.
  • Plan maintenance. The plan should be a living document that is updated regularly to remain current with system enhancements.
- more info